In what has been a landmark event, the non-profit confidential data publisher WikiLeaks released 8,761 CIA documents in the first part of its Vault 7 leak earlier this month.
During the US presidential campaign, WikiLeaks released thousands of confidential and politically significant emails, and it has now turned its attention to the US intelligence services. Its “Vault 7” release is the first bulk publication of previously confidential CIA files held by the organisation. Most significantly, the leak uncovers extensive details of the CIA’s hacking operations and capabilities, though the majority of the files have yet to be scrutinized by journalists and technical experts.
According to a WikiLeaks spokesperson, “the series is the largest intelligence publication in history”. The spokesperson added that “this extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former US government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”
Vault 7 part one: Year Zero
The first part of the Vault 7 files was released on March 7, 2017 and has been dubbed ‘Year Zero’. According to reports, this batch includes details of the CIA’s global hacking program, as well as various iOS, Android, smart TV and browser exploits and malware.
For former NSA contractor and whistleblower Edward Snowden, the most important aspect of the release refers to the CIA’s development of vulnerabilities:
— Edward Snowden (@Snowden) March 7, 2017
In response to the release, security experts have noted that the files show how the CIA is working with other security agencies around the world to manufacture vulnerabilities in various devices, allowing them backdoor access to personal data.
According to WikiLeaks, the CIA’s Engineering Development Group (EDG) is responsible for the “development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations worldwide.”
In response to the details concerning the Android OS and the Chrome browser, Google’s director of information security and privacy said the following:
“We’ve reviewed the documents and we’re confident security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities.”
Meanwhile, Apple has said that the majority of the security flaws have already been fixed. There have been suggestions that secure messaging apps using end-to-end encryption, including WhatsApp, Signal, Telegram, Weibo, Cloackman and Confide, might also be affected, but these claims have been refuted by security experts.
Year Zero also uncovers the development of malware by the CIA, including malware that targets Windows, Linux and OS X systems, as well as malware that specifically attacks “well known anti-virus programs.”
Questioning the authenticity of Year Zero
Following the release, the CIA has refused to comment on its authenticity, which is standard practice for intelligence agencies in such cases.
Going by the track record of WikiLeaks, which has a strong reputation for publishing credible data from named sources, it is highly probable that the release is authentic, a view that The New York Times has also supported.