WikiLeaks Vault 7 - From Whatzup to Smart TV .. Anything CIA can hack

March 23, 2017

On Tuesday 7th of March 2017, WikiLeaks began its new series of leaks on the U.S. Central Intelligence Agency (CIA). Named as “Vault 7” it is the largest ever publication of confidential CIA documents. The first full part of the series, “Year Zero”, comprises 8,761 documents and files from an isolated, highly secured network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina, USA.

It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election (https://wikileaks.org/ciafranceelections2012).

After publishing thousands of politicized emails during the US presidential election, Wikileaks has now turned its focus to the US intelligence services.

Julian Assange and his WikiLeaks team have published 8,761 documents that are claimed to be from the US Central Intelligence Agency (CIA).

The huge collection of documents, named as Vault 7, is said to be the first of a number of disclosures that reveal the CIA’s present hacking abilities. With these existing hacking capabilities CIA can hack iPhone, Android, BlackBerry, Smart TVs owned by anyone across the globe.

“The series is the largest intelligence publication in history,” Wikileaks says. “This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”

CIA developed malwares target iPhone, Android,smart TVs,iPads, Windows, OSx, Linux, routers

CIA developed malwares and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA’s DDI (Directorate for Digital Innovation). The DDI is one of the five major directorates of the CIA (see this organizational chart (files/orgchart.png) of the CIA for more details).The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads,trojans, viruses and any other kind of malware used by the CIA in its covert operations worldwide.

CIA had 24 “weaponized” Android “zero days” (cms/page_11629096.html) which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors.

These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the “smart” phones that they run on and collecting audio and message traffic before encryption is applied.

The CIA has neither denied nor confirmed whether the documents are real, saying it does not comment on the “authenticity or content of purported intelligence documents”. It is not uncommon for security agencies and law enforcement bodies to take this approach.

Who gave WikiLeaks these files?

There are a number of unknowns about the documents. The source of the Vault 7 documents is being kept private by Wikileaks but it gives some indication of where they originated. The documents came from an “isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina,” it says. Wikileaks continues that the archive had circulated among former US government hackers and contractors – with one of them providing the information to WikiLeaks.

Lessons learnt from this WikiLeaks Vault 7

Smart devices are always easy hacking targets
Monitoring “EndpointS” is critical
Encryption matters
Encrypted messaging is still secure, as long as we control & secure our smart phones
Zero Days are still major sources of cyber attacks
Knowing what devices are online is critical
Physical access is still sometimes necessary
Validating the effectiveness of Anti Virus Engines is important
Being cautious with what we click on