Phones, TVs could be used to listen in on conversations
International non-profit organisation Wikileaks recently leaked several documents from the US intelligence service detailing ways it was using devices and appliances to listen in on users.
spyingand hacking are back in the news headlines, thanks to a new leak from Wikileaks. The organisation has published 8 761 documents and files, published between 2013 and 2016, allegedly detailing how the American Central Intelligence Agency (CIA) spies by co-opting technologies in target homes.
A Wikileaks press release stated that the leak introduces the “scope and direction” of the CIA’s global covert hacking programme, its malware arsenal and specific tools that target Apple’s iPhone as well as Google’s Android and Microsoft’s Windows phones in addition to Samsung TVs, which are turned into covert microphones.
The CIA has refused to comment on the authenticity of the leaked documents, but the leak is reportedly the subject of a criminal investigation by the FBI.
“The American public should be deeply troubled by any Wikileaks disclosure designed to damage the Intelligence Community’s ability to protect America against terrorists and other adversaries,” said a CIA statement following the leak. “Such disclosures not only jeopardize U.S. personnel and operations, but also equip our adversaries with tools and information to do us harm.”
Wikileaks began the leak, code-named Vault 7, on 7 March, claiming that the 8 761 documents were the first batch in the series and had been code-named Year Zero. The organisation is claiming that Vault 7 in its entirety will be the largest intelligence publication in history.
It claimed that the documents were from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virginia.
Wikileaks claims that by the end of 2016, the CIA’s hacking division had over 5 000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other weaponised malware.
“Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook,” read the press release.
Former National Security Agency subcontractor Edward Snowden called the leak a “big deal” on Twitter, saying that he was still working through the publication.
Your phone and television could be spying on you
Wikileaks stated that it was concerned about the fact that the CIA appears to be in violation of a commitment given by the Obama administration to the US technology industry that it would disclose serious vulnerabilities, exploits and bugs it uncovered on an ongoing basis. “Serious vulnerabilities not disclosed to Former intelligence contractor the manufacturers places huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability,” argued Wikileaks. “If the CIA can discover such vulnerabilities, so can others.”
Privacy International executive director Dr Gus Hosein said if the leak is authenticated, it demonstrates that government hacking powers can be extremely intrusive, have enormous security implications, and are not sufficiently regulated. “Insufficient security protections in the growing amount of devices connected to the internet or so-called “smart” devices, such as Samsung Smart TVs, only compound the problem, giving governments easier access to our private lives,” said Hosein.
“If the CIA knew of security weaknesses in the devices many of us use – from ‘smart’ phones to ‘smart’ TVs – they should have been working with companies to fix the vulnerabilities, not exploit them.” What the leak does confirm is that the apps you use can have all the security in the world, but they are only as secure as the device you are using.
According to Wikileaks the CIA has developed numerous attacks to remotely hack and control smartphones, both iOS and Android. “Infected phones can be instructed to send the CIA the user’s geolocation, audio and text communications as well as covertly activate the phone’s camera and microphone,” read the press release.
Wikileaks argues that all these techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the smartphones that they run on and collecting audio and message traffic before encryption is applied. Wikileaks singles out a project called Weeping Angel, which infests smart TVs, transforming them into covert microphones. The organisation says that Weeping Angel places the target TV in a fake OFF mode, so that the owner falsely believes the TV is off when it is in fact on.
“In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the internet to a covert CIA server,” said Wikileaks. It claimed that the project was jointly developed by the CIA and the UK’s MI5.
Hiding backdoors from technology companies