WikiLeaks yesterday released the first part of what it's calling "Vault 7," a series of leaks it claims are taken from the U.S. Central Intelligence Agency.
The initial dump includes 8,761 documents and files.
"Recently, the CIA lost control of the majority of its hacking arsenal, including malware, viruses, Trojans, weaponized 'zero-day' exploits, malware remote control systems and associated documentation," the organization stated in a press release. "This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA."
While it's not yet clear how the data was stolen, WikiLeaks claimed the files had already been circulating among former U.S. government hackers and contractors, one of whom provided them to the organization.
Leaks Prove the CIA's Hacking Capabilities Exceed Its Mandate?
According to WikiLeaks, the source who provided the data claimed the files raise the question of whether the CIA's hacking capabilities exceed its mandate.
"The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons," WikiLeaks stated.
Among the revelations in the exposed files are the use of Samsung smart TVs to surveil targets even when the TVs are turned off; an effort to infect vehicle control systems in cars and trucks, possibly for targeted assassinations; breaches of popular smartphones to access the camera, microphone, user location, audio and texts; and methods of bypassing the encryption of WhatsApp, Signal, Telegram, Weibo, Confide and Cloakman by accessing the message traffic prior to encryption.
CIA spokesman Jonathan Liu told CBS News, "We do not comment on the authenticity or content of purported intelligence documents."
Skyport Systems EVP Rick Hanson told eSecurity Planet by email that this news is yet another example of why any organization built around leaks and breaches should never be praised. "Donald Trump previously praised WikiLeaks during his campaign," he said. "When an organization like WikiLeaks is lauded in any forum there is reason to be concerned."
"We are losing the cybersecurity war to other nation states and [are] at a deficit in our ability to protect ourselves," Carbon Black national security strategist Eric O'Neill said by email. "Now with the release of one of our offensive playbooks, our ability to attack is compromised. All of these tools will now proliferate among those for whom breaching security is a business or profession, leading to additional attacks."
In response, Contrast Security CTO Jeff Williams said the answer isn't to focus on "cyber arms control," which he said will never work. "We need a massive increased focus on writing secure code and defending against attacks," he said.
"As a nation, we are simply incapable of reliably writing code that isn’t susceptible to these attacks," Williams continued. "But it’s not impossible. It’s not even that difficult. But we have to change the incentives in the software market, which currently don’t encourage writing secure code."
Access Now senior legislative manager Nathan White said in a statement that the leak demonstrates the urgent need to have a serious discussion about government hacking. "Today, our digital security has been compromised because the CIA has been stockpiling vulnerabilities rather than working with companies to patch them," he said. "The United States is supposed to have a process that helps secure our digital devices and services — the 'Vulnerabilities Equities Process.'"
"Many of these vulnerabilities could have been responsibly disclosed and patched," White added. "This leak proves the inherent digital risk of stockpiling vulnerabilities rather than patching them."