Tuesday March 07, 2017

Wikileaks Exposes CIA Hacking Tools

Apparently CIA's archive of tools used to compromise targeted systems was recently circulated in an unauthorized manner among former CIA contractors and hackers, one or more of which provided the information to Wikileaks. This leak outlines how CIA has been able to compromise platforms like Apple's iPhone, Google's Android, Microsoft Windows and Samsung TV's which can be turned into covert microphones. It also includes exploits for OSX, Linux and routers.

I've always been a bit uneasy about all the connected devices that might be used to spy on me and collect data. When I heard that Samsung's voice command microphone was always on, I made the decision to disconnect my TV from any network. I'm not personally concerned with primary use of Google, Samsung and their ilk using the data to anonymously raise ad revenue, but I've always been concerned with how it can be compromised and misused, and the CIA data shows that this is very possible. The primary concern is always identity and/or financial theft, and if the CIA can do it, so can some shady Russian or Chinese hacker. On the other hand I'm torn about this information being made public. CIA certainly does use it to attempt to protect us from foreign threats, but on the other hand there are many fourth amendment concerns, especially when the NSA might use methods like this domestically. The release of this information can allow developers to patch their code, and make us all individually safer from identity theft and 4th amendment abuses.

News Image

By the end of 2016, the CIA's hacking division, which formally falls under the agency's Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other "weaponized" malware. Such is the scale of the CIA's undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its "own NSA" with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.