Threat Management, Compliance Management, Threat Intelligence, Network Security, Privacy

WikiLeaks releases document trove allegedly containing CIA hacking tools


WikiLeaks has released the CIA's "Year Zero," a trove of 8,761 documents and files allegedly from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Va.

According to a WikiLeaks press release and analysis, the leaked documents were selected from an even larger assortment of files, nicknamed Vault 7, all of which will be released over time. The files allegedly show the breadth of hacking tools at the CIA's disposal, including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation.

WikiLeaks says the collection amounts to more than several hundred million lines of code, and “gives its possessor the entire hacking capacity of the CIA.” The organization further claims that it was handed the archive while it was being circulated among former U.S. government hackers and contractors in an “unauthorized manner."

"Year Zero" allegedly shows the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of U.S. and European company products running on such common operating systems as Apple's iOS, Google's Android and Microsoft's Windows.

One program, code-named “Weeping Angel,” purportedly involves a technique for hacking Samsung smart TVs so that they appear turned off while actually secretly recording nearby conversations. Other revelations included the CIA in Oct. 2014 looking into infecting vehicle control systems, which WikiLeaks speculated could allow the agency to pull off undetectable assassinations. WikiLeaks also cited techniques that permit the CIA “to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the smart phones that they run on and collecting audio and message traffic before encryption is applied.”

WikiLeaks says it has carefully reviewed the "Year Zero" disclosure and avoided the public distribution of potentially dangerous cyber weapons until a “consensus emerges on the technical and political nature of the CIA's program and how such 'weapons' should be analyzed, disarmed and published.”

WikiLeaks also said it has redacted and anonymized some identifying information, including tens of thousands of CIA targets and attack machines throughout Latin America, Europe and the United States.

The website said: “While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model and note that the quantity of published pages in "Vault 7" part one (“Year Zero”) already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.”

The leak follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.

In a statement to WikiLeaks, the source of the files details policy questions that they say urgently need to be debated in public, including whether the CIA's hacking capabilities exceed its mandated powers and the problem of public oversight of the agency.

WikiLeaks's source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyber weapons.

The source claims that once a single cyber weapon is loose it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

"There is an extreme proliferation risk in the development of cyber 'weapons'," stated Julian Assange, WikiLeaks editor. "Comparisons can be drawn between the uncontrolled proliferation of such 'weapons', which results from the inability to contain them combined with their high market value, and the global arms trade. But the significance of ‘Year Zero' goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective."

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.