Sun Sentinel Palm Beach Edition
WikiLeaks report details CIA spy tools
Hacking methods said to crack TVs, phones, computers
Files tell of hacking methods for cellphones, smart TVs, computers and cars.
WASHINGTON — WikiLeaks published thousands of documents Tuesday described as secret files about CIA hacking tools the government employs to break into users’ computers, mobile phones and even smart TVs from companies like Apple, Google, Microsoft and Samsung.
The documents describe clandestine methods for bypassing or defeating encryption, antivirus tools and other protective security features intended to keep the private information of citizens and corporations safe from prying eyes. U.S. government employees, including President Donald Trump, use many of the same products and internet services purportedly compromised by the tools.
The documents describe CIA efforts — cooperating with friendly foreign governments and the U.S. National Security Agency — to subvert the world’s most popular technology platforms, including Apple’s iPhones and iPads, Google’s Android phones and the Microsoft Windows operating system for desktop computers and laptops.
The documents also include discussions about compromising some internet-connected televisions to turn them into listening posts. One document discusses hacking vehicle systems, indicating the CIA’s interest in hacking modern cars with sophisticated onboard computers.
WikiLeaks has a long track record of releasing top secret government documents, and experts who sifted through the material said it appeared legitimate.
The chairman of the House intelligence committee, Rep. Devin Nunes, RCalif., said he was concerned about the release and had asked the intelligence community for more WikiLeaks released files it says reveals CIA tools for hacking iPhones and other devices. information about it.
Former CIA Director Mike Hayden told MSNBC he had undertaken only a cursory review of the documents, but that if they were what they were purported to be, it would amount to a “very extensive file of the tactics, techniques, procedures, targets and other political rules” under which the CIA hacks targets. “If it is that, it would be very, very damaging,” he said.
Jonathan Liu, a spokesman for the CIA, said: “We do not comment on the authenticity or content of purported intelligence documents.” White House spokesman Sean Spicer also declined comment.
Missing from WikiLeaks’ trove are the actual hacking tools themselves, some of which were developed by government hackers while others were purchased from outsiders. WikiLeaks said it planned to avoid distributing tools “until a consensus emerges” on the political nature of the CIA’s program and how such software could be analyzed, disarmed and published.
Tuesday’s disclosure left anxious consumers who use the products with little recourse, since repairing the software vulnerabilities in ways that might block the tools’ effectiveness is the responsibility of leading technology companies. The revelations threatened to upend confidence in an Obama-era government program, the Vulnerability Equities Process, under which federal agencies warn technology companies about weaknesses in their software so they can be quickly fixed.
It was not clear how WikiLeaks obtained the information, and details in the documents could not immediately be verified. WikiLeaks said the material came from “an isolated, high-security network” inside the CIA’s Center for Cyber Intelligence but didn’t say whether the files were removed by a rogue employee or whether the theft involved hacking a federal contractor working for the CIA or perhaps breaking into a staging server where such information might have been temporarily stored.
Some technology firms Tuesday said they were evaluating the information. Microsoft Corp. said it was looking into the report, while the maker of secure messaging app Signal said the purported CIA tools are what affected users’ actual phones and not its software design or encryption protocols.
The manufacturer of the popular Telegram mobile messaging app said in a statement that manufacturers of cellphones and their operating systems, including Apple, Google and Samsung, were responsible for improving the security of their devices.
It said the effort will require “many hours of work and many security updates” and assured its customers that “If the CIA is not on your back, you shouldn’t start worrying yet.”
The documents show broad exchanges of tools and information among the CIA, NSA and other U.S. intelligence agencies, as well as intelligence services of close allies Australia, Canada, New Zealand and the United Kingdom.