WikiLeaks has published thousands of documents that it says come from the CIA’s Center for Cyber Intelligence, a dramatic release that appears to give an eye-opening look at the intimate details of the agency’s cyberespionage effort.
The dump could not immediately be authenticated by The Associated Press. The CIA did not return repeated messages seeking comment, but WikiLeaks has a long track record of releasing top secret government documents.
One expert who examined the dump, Rendition Infosec founder Jake Williams, told the AP it appeared legitimate.
If it does prove legitimate, the dump will represent yet another catastrophic breach for the U.S. intelligence community at the hands of WikiLeaks and its allies, which have repeatedly humbled Washington with the mass release of classified material.
Among the confidential documents published by WikiLeaks:
- A series of files purportedly attached to the CIA’s Operational Support Branch. They described tools and projects with exotic names, among them Time Stomper, Fight Club, Jukebox, Bartender, Wild Turkey and Margarita. Many of those tools contained no additional data, so it was unclear what the projects were designed to do.
- A separate accompanying file contains a welcome statement that hinted at the malware and intrusion instruments at the agency’s command: “Ah yeah, OSB Projects y’all! You know we got the dankest Trojans and collection tools for all your windows asset assist and ORC needs.” It was not immediately clear what “ORC” stood for, although the acronym frequently refers to “Old Red Cracker,” a mysterious, early hacking pioneer who openly published directions for reverse-engineering software blueprints in efforts to identify vulnerabilities in them.
WikiLeaks says documents it obtained show that the CIA targeted everyday gadgets such as smartphones as part of a surveillance program. The hacks have allowed the CIA to collect audio and other messages from apps such as Facebook’s WhatsApp before the data got encrypted.
- According to WikiLeaks, the CIA knew about several flaws in software made by Apple, Google, Samsung and others but didn’t tell the companies about them. Disclosing such vulnerabilities is supposed to be common practice so companies can fix them before hackers use them.
- WikiLeaks says the CIA kept knowledge of the vulnerabilities to itself for use in bypassing the encryption on apps such as WhatsApp, Signal, Telegram and Confide.
- WikiLeaks says the CIA had two dozen such undisclosed vulnerabilities for Android gadgets alone.
WikiLeaks also claims Samsung smart TVs are among the CIA’s weapons for surveillance.
- WikiLeaks claims the CIA worked with U.K. intelligence officials to turn microphones in TVs into listening devices.
- Samsung smart TVs have microphones so viewers can make voice commands, such as requests for movie recommendations. The commands typically aren’t transmitted outside the home unless users activate the feature. If the TV is off, there’s no listening being done. But WikiLeaks claims that documents it obtained show that through a program called Weeping Angel, the target TV appears to be off when it is actually on — and listening.
- WikiLeaks says the audio goes to a covert CIA server rather than a party authorized by Samsung. In such cases, audio isn’t limited to TV commands but could include everyday conversations.
The WikiLeaks release poses one of the first big tests for Mike Pompeo, a former GOP congressman from Kansas, who is President Donald Trump’s new CIA director. During his confirmation hearing, just two months ago, Pompeo was asked to assess America’s preparedness in the cyber domain.
“We have an awful lot of work to do,” Pompeo told members of the Senate intelligence committee. He said there is “no reason to expect that this threat is going to diminish” and that work was needed by all of government to “achieve better cybersecurity for the national infrastructure, as well.”