Earlier this month, the international whistleblowing organization, Wikileaks, released information that it had been handed millions of lines of code that the CIA uses to spy on governments, individuals, and organizations around the world.
By John Friend
In early March, WikiLeaks—the notorious international non-profit organization that works with whistleblowers, hackers, and other anonymous individuals to expose secret and classified information detailing government corruption and malfeasance—published the first installment of what has been described as the largest ever collection of secret government and intelligence files, all of which pertain to the CIA, America’s top spy agency.
The data dump, code-named “Vault 7” by WikiLeaks, includes thousands of secret CIA documents detailing a rogue agency that has focused much of its attention and resources on hacking, spying, and cyber-warfare but failed to secure and protect their capabilities. The initial release of secret documents, totaling 8,761 files originating from “an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Va.,” is known as “Year Zero,” and exposes a variety of arguably illegal and certainly concerning CIA activities, according to a press release published by WikiLeaks.
“‘Year Zero’ introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of ‘zero day’ weaponized exploits against a wide range of U.S. and European company products, including Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones,” WikiLeaks’ press release describing its latest data dump states. “Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized ‘zero day’ exploits, malware remote control systems, and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”
In a press conference announcing and highlighting the findings of the initial publication of the documents associated with “Vault 7,” WikiLeaks founder and chief spokesman Julian Assange charged the CIA with “devastating incompetence” for failing to protect and secure their hacking secrets, and pledged to work with various technology companies to address the vulnerabilities.
“This is a historic act of devastating incompetence, to have created such an arsenal and then stored it all in one place,” Assanged averred. “It is impossible to keep effective control of cyber weapons. . . If you build them, eventually you will lose them.”
Assange went on to note that his organization possessed “a lot more information” about the CIA’s cyber warfare operations, which include its hacking and surveillance capabilities, malware systems, and viruses, and vowed to wait to release the information until technology companies and manufacturers had been consulted.
“We have decided to work with them [tech companies] to give them some exclusive access to the additional technical details we have so fixes can be developed and then pushed out,” Assange stated. “Once this material is effectively disarmed by us we will publish additional details about what has been occurring.”
Of particular importance in the recent WikiLeaks disclosures is the fact that the CIA, especially since 9/11, has developed “its own substantial fleet of hackers,” according to the press release published by WikiLeaks announcing the initial release of “Vault 7.”
“The agency’s hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA’s hacking capacities,” the press release states. “By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5,000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other ‘weaponized’ malware. Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its ‘own NSA’ with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.”
Glenn Greenwald, a journalist close to Assange who worked with Edward Snowden to expose a variety of shady and illegal U.S. government spying operations, recently appeared on the BBC to weigh in on the latest revelations by WikiLeaks.
“One very significant revelation is that the CIA actively encourages and at times even pays various companies and organizations to preserve vulnerabilities that they are able to exploit in a lot of these software programs, which means that not only they can go through these ‘backdoors’ that they make sure exist, but so can hacker groups or terrorist organizations or other nation states and it shows the CIA, like the NSA, is making the Internet more unsafe for everyone, and I think that’s very disturbing,” Greenwald noted.
WikiLeaks’ primary source for the secret CIA documents that have and will be released argues these issues “urgently need to be debated in public,” and aims “to initiate a public debate about the security, creation, use, proliferation, and democratic control of cyberweapons.”
Given the secrecy surrounding the CIA and the power it has amassed since its creation, getting to the bottom of all of this will no doubt prove to be a major challenge. Do not expect the CIA and other deep state actors to willingly cooperate with WikiLeaks.
John Friend is a writer and lives in California.