WikiLeaks on Tuesday published intimate details about an untold number of the CIA’s covert computer and IoT hacking tools, saying the nearly 9,000 files it has received contain the tools’ more than several hundred million lines of code and that the archive “gives its possessor the entire hacking capacity of the CIA.”
The tools were engineered by the Agency’s Engineering Development Group, a software development group within the agency’s Center for Cyber Intelligence under the Directorate for Digital Innovation. WikiLeaks disturbingly said, “Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized ‘zero day’ exploits, malware remote control systems and associated documentation.”
Wikileaks said, “The archive appears to have been circulated among former US government hackers and contractors in an unauthorized manner, one of whom provided WikiLeaks with portions of the archive.”
According to materials provided to Wikileaks, “By the end of 2016, the CIA’s hacking division … had over 5,000 registered users and … had created, in effect, its ‘own NSA,’ with even less accountability …”
A CIA spokesperson said, “we do not comment on the authenticity or content of purported intelligence documents.”
However, both US counterintelligence and counterterrorism officials told Homeland Security Today Tuesday night, on condition of anonymity because of the classified nature of the subject, that a hurried review conducted by the CIA throughout the day after WikiLeaks announced the leak found the materials appeared authentic and referenced project code names known to be associated with the Agency’s cyber department.
Alarmingly, if what Wikileaks has said about the CIA’s hacking tools it was provided is true, “the CIA made these systems unclassified.”
“Why the CIA chose to make its cyber arsenal unclassified reveals how concepts developed for military use do not easily cross over to the ‘battlefield’ of cyber ‘war,’” WikiLeaks said, warning, “Once a single cyber ‘weapon’ is ‘loose,’ it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.”
"There is an extreme proliferation risk in the development of cyber ‘weapons.’ Comparisons can be drawn between the uncontrolled proliferation of such ‘weapons’ which results from the inability to contain them combined with their high market value and the global arms trade,” said Wikileaks founder, Julian Assange.
In its announcement, WikiLeaks further warned that, “Cyber ‘weapons’ are in fact just computer programs which can be pirated like any other. Since they are entirely comprised of information, they can be copied quickly with no marginal cost.” And, “Securing such ‘weapons’ is particularly difficult, since the same people who develop and use them have the skills to exfiltrate copies without leaving traces — sometimes by using the very same ‘weapons’ against the organizations that contain them. There are substantial price incentives for government hackers and consultants to obtain copies since there is a global ‘vulnerability market’ that will pay hundreds of thousands to millions of dollars for copies of such ‘weapons.’ Similarly, contractors and companies who obtain such ‘weapons’ sometimes use them for their own purposes, obtaining advantage over their competitors in selling ‘hacking’ services.”
Continuing, Wikileaks disclosed that the documents indicate that, “To attack its targets, the CIA usually requires that its implants communicate with their control programs over the internet. If CIA implants, Command & Control and Listening Post software were classified, then CIA officers could be prosecuted or dismissed for violating rules that prohibit placing classified information onto the Internet. Consequently, the CIA has secretly made most of its cyber spying/war code unclassified.”
WikiLeaks surmised that, “The US government is not able to assert copyright either, due to restrictions in the US Constitution. This means that cyber ‘arms’ manufacturers and computer hackers can freely ‘pirate’ these ‘weapons’ if they are obtained. The CIA has primarily had to rely on obfuscation to protect its malware secrets.”
“Leaks and public disclosures of sources and methods [like these] have potentially catastrophic consequences. This may seem like fun and games to the press. It is not. You reveal how we acquire information. Terrorist groups change their communication methodologies. We go blind. People die,” Homeland Security Today was told by Sam Faddis, who served more than 20 years in the CIA as a Clandestine Services operations officer who led the first CIA team into Iraq nine months in advance of the post-9/11 2003 invasion and served as head of the CIA’s Counter Terrorism Center’s Weapons of Mass Destruction unit charged with pursuing terrorists’ weapons of mass destruction programs around the globe.
“By putting these tools into the public domain, WikiLeaks has done the equivalent to handing lighter fluid and matches to children,” added James W. Gabberty, associate dean and professor of information systems at Pace University’s Seidenberg School of Computer Science and Information Systems in New York City.
“The potential damage done to the United States – both from a military and personal safety perspective – resulting from WikiLeaks’ transmittal of thousands upon thousands of program codes stolen by hacktivists puts us all in danger, as now our enemies possess the greatest weapon possible to inflict harm to us: the keys to the kingdom,” Gabberty said. “One can only imagine the sophistication of the tools developed by our clandestine agencies and now leaked by WikiLeaks.”
“What this means to the casual reader,” Gabberty explained, “is our most advanced network data collection tools have been made public to everyone on earth, and anyone using them has the capability to access just about any network on earth. The resulting hacking activity that will ensue will be like nothing we’ve seen to date. For those of us living in the northeast, recall how easily a simple software bug led to the northeast blackout of 2003. Imagine having tools that were specifically designed to allow attackers to gain access to these same computers with aplomb and the subsequent damage that could be done … As the Internet of Things (IoT) promises billions of interconnected devices, the collective vulnerability of these devices becomes painfully evident.”
“Now that WikiLeaks has unleashed the potentially most damaging cyber security tools ever to hit the street,” Gabberty continued, “I wonder if supporters of Army private Chelsea Manning and former National Security Agency contractor Edward Snowden will continue to cheer when the electricity powering their computing digital devices, ATMs, cellular networks and mass transportation systems stops flowing … we are in the midst of a massive cyber war that is increasing both in its ferocity and frequency, and everything from our research centers, financial, military and civilian infrastructures are at risk of being compromised and used against us.”
The problem, he added, is, “The United States, it turns out, still does not have a public policy on how to best safeguard our information assets; we simply hobble along, taking the best advice from this framework or that, and watch in dismay as our systems are constantly overwhelmed by attackers.”
"WikiLeaks’ release has rocked the intelligence communities,” and “the full scope of the information, and the consequences of its disclosure, remain to be determined, but the disclosure raises a number of potentially troubling issues," said Robert Cattanach, a partner of the international law firm Dorsey & Whitney specializing in cybersecurity and data breaches who previously worked as a trial attorney for the Department of Justice and a special counsel to the Secretary of the Navy.
“The CIA’s ability to access the target devices and technologies is certainly compromised,” and “the release appears to contain highly sensitive organizational and operational internal CIA information, the uses of which by foreign intelligence services can only be imagined,” Cattanach said.
The “actual tools used for hacking by the CIA appear to have been obtained, but not yet released,” Cattanach said. “In typical WikiLeaks fashion, the disclosure promises ‘more to follow,’ including potentially the release of the computer code for actual cyberweapons …”
Indeed, WikiLeaks stated it is “avoiding the distribution of ‘armed’ cyber weapons until a consensus emerges on the technical and political nature of the CIA’s program and how such ‘weapons’ should be analyzed, disarmed and published.”
Furthermore, WikiLeaks said its source detailed policy questions that “urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.”