CIA possibly hacked iPhones and Macs
UNITED STATES: WikiLeaks claimed yesterday that the CIA had found a way to intercept and hack into Apple iPhones just a year after the company’s smartphone hit the market.
The group also claimed that the CIA was able to infect Mac computers. But it’s very unlikely your iPhone or Mac was affected, experts say.
Apple said its preliminary assessment of the WikiLeaks documents show the ‘‘alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released’’.
The company said the alleged Mac exploits described by WikiLeaks were fixed in all Macs launched after 2013.
The CIA declined to comment on the accuracy of the WikiLeaks information, but denounced disclosures ‘‘designed to damage the intelligence community’s ability to protect America against terrorists and other adversaries’’.
The documents offer a rare glimpse into the world of modern espionage, said Jeff Pollard, a security and risk analyst at Forrester Research. For Apple and other companies, he said, it also shows it’s very difficult to secure their products.
‘‘The most concerning part of this is that it highlights that it doesn’t matter how secure you keep a device,’’ he said. ‘‘You have to understand there could also be something that gets delivered to you in a device that you purchased.’’
According to WikiLeaks, the documents allege that, as far back as
"The most concerning part of this is that it highlights that it doesn't matter how secure you keep a device. You have to understand that there could also be something that gets delivered to you in a device that you purchased."
2008, the CIA was able to install software on iPhones before they were shipped to their intended owners. There’s no evidence of tampering done at Apple’s factories, experts said.
The documents also purportedly show that the CIA found a way to install software on Macs that could not be removed, even if a user were to reinstall their operating system.
There is a specific mention of the CIA trying to intercept a laptop that it knew was being given to someone as a gift to plant its malware. Both methods require physical access to the devices.
Experts who examined the documents said there is little chance that the average consumer – particularly in the US, given the CIA’s foreign focus – would have been affected by these attacks, said Will Strafach, a noted iPhone security expert and co-founder of Verify.ly, a mobile app intelligence service.
It’s also unlikely that anyone could look at these documents now and design a similar hack, he said.
‘‘It’s too old. And even if it wasn’t too old, it requires you to get to a device that is en route to somebody specific,’’ he said.
The release of the documents follow a similar disclosure from WikiLeaks earlier this month, which allegedly outlined a suite of hacking tools used by the CIA that target smartphones, cars and televisions.
The group has said it will work with technology companies to help patch flaws exploited by the CIA’s hacking tools, but offered few details on how such a partnership would work.
Apple said it has not ‘‘negotiated with WikiLeaks for any information’’ and has instructed the organisation to submit information though its normal processes.
‘‘We are tireless defenders of our users’ security and privacy, but we do not condone theft or co-ordinate with those that threaten to harm our users.’’
– Washington Post