Secret hacking tools used by the CIA revealed by Wikileaks
WikiLeaks has published thousands of documents revealing a top-secret trove of hacking tools used by the CIA to break into phones, communication apps and other electronic devices such as Smart TV’s.
The documents describe clandestine methods for bypassing or defeating encryption, antivirus tools and other protective security features intended to keep the private information of citizens and corporations safe from prying eyes.
US government employees, including President Donald Trump, use many of the same products and internet services purportedly compromised by the tools.
The documents describe CIA efforts – co-operating with friendly foreign governments and the US National Security Agency – to subvert the world’s most popular technology platforms, including Apple’s iPhones and iPads, Google’s Android phones and the Microsoft Windows operating system for desktop computers and laptops.
The documents also include discussions about compromising some internet-connected televisions to turn them into listening posts.
One document discusses hacking vehicle systems, indicating the CIA’s interest in hacking modern cars with sophisticated on-board computers.
WikiLeaks has a long track record of releasing top secret government documents, and experts who sifted through the material said it appeared legitimate.
Jonathan Liu, a spokesman for the CIA, said: “We do not comment on the authenticity or content of purported intelligence documents.”
White House spokesman Sean Spicer also declined to comment.
Missing from WikiLeaks’ trove are the actual hacking tools themselves, some of which were developed by government hackers while others were purchased from outsiders.
WikiLeaks said it planned to avoid distributing tools “until a consensus emerges” on the political nature of the CIA’s programme and how such software could be analysed, disarmed and published.
Tuesday’s disclosure left anxious consumers who use the products with little recourse, since repairing the software vulnerabilities in ways that might block the tools’ effectiveness is the responsibility of leading technology companies.
The revelations threatened to upend confidence in an Obama-era government programme, the Vulnerability Equities Process, under which federal agencies warn technology companies about weaknesses in their software so they can be quickly fixed.
It was not immediately clear how WikiLeaks obtained the information, and details in the documents could not immediately be verified.
WikiLeaks said the material came from “an isolated, high-security network” inside the CIA’s Centre for Cyber Intelligence but did not say whether the files were removed by a rogue employee or whether the theft involved hacking a federal contractor working for the CIA or perhaps breaking into a staging server where such information might have been temporarily stored.
“The archive appears to have been circulated among former US government hackers and contractors in an unauthorised manner, one of whom has provided WikiLeaks with portions of the archive,” WikiLeaks said in a statement.
The tools described in the documents carried bizarre names, including Time Stomper, Fight Club, Jukebox, Bartender, Wild Turkey, Margarita and RickyBobby, a racecar-driving character in the comedy film Talladega Nights.
The RickyBobby tool, the documents said, was intended to plant and harvest files on computers running “newer versions of Microsoft Windows and Windows Server”.
In a comment piece, E&T’s Paul Dempsey said that the leaks could compromise the CIA’s ability to carry out its job effectively.