Sunday, March 26, 2017

The CIA’s Secret Arsenal
Today’s is a world where your phone or even your TV can be used to spy on you

Sergio Alejandro Gómez |
March 21, 2017 14:03:25

Many instant messaging systems encrypt data to offer more security to users, but the CIA is able to exploit vulnerabilities on phones to access the information before it is encrypted. Photo: AP
THE world is learning more everyday about the functioning and scope of U.S. espionage. While former Central Intelligence Agency (CIA) employee Edward Snowden revealed the National Security Agency's massive surveillance programs in 2013, the spotlight is now on the CIA, considered a state within the state, given its modus operandi and infamous independence.

According to the most recent documents released on Wikileaks, directed by Australian Julian Assange, the CIA runs a network of hackers charged with exploiting weaknesses in the security systems of the world's most widely-used digital devices, with the goal of gathering information and carrying out secret operations.

Under the title of “Year Zero,” Wikileaks published 8,761 documents and classified files, from the period 2013-2016, extracted from the CIA's high security network in Langley, Virginia.

According to Wikileaks, at the end of 2016, the CIA had some 5,000 experts working on cyber-intelligence, and produced more than a thousand hacking programs, cyber-weapons, and malware to gain access to computers, smart phones, and even Samsung televisions.

The agency lost control of a large part of this arsenal, which ended up in the hands of former government hackers and other private agents, in an “unauthorized” manner. It was one of these individuals who provided Wikileaks with the information recently published.

This is to be only the first installment of a series of more serious revelations from

what is known as “Vault 7,” which the website describes as the largest leak of confidential documents in history.

Assange, who has been confined to the Ecuadorian Embassy in London since 2012, following the “Year Zero” revelations stated,"It is impossible to keep effective control of cyberweapons. If you build them, eventually you will lose them," and insisted that a debate on the political, legal, and forensic dimensions of the problem is in order.


One of the most startling programs revealed included that to hack a Samsung smart TV - albeit a now discontinued model

The project named “One” used the microphone embedded in the screen as an electronic listening device, which could function even when the TV was turned off. The data recorded could be stored on the TV's hard drive and transmitted to CIA servers once the set was connected to the internet.

Older models of Samsung smart TVs are at the center of attention since the CIA has found ways to use them to record private conversations. Photo: Samsung
According to Wikileaks, the program was developed in collaboration with British intelligence services.


The leaked documents confirm that cell phones are the intelligence agency's preferred targets. These devices have become part of the daily lives of millions and contain all sorts of sensitive information about their users.

The CIA's programs were directed for the most part toward taking advantage of vulnerabilities in the phones' operating systems, be they Google's Android or Apple's iOs.

When an operating system is hacked, any application can be controlled, regardless of the system used to protect data.

For the companies involved, who have repeatedly described their wares as the world's safest, the news about how their weaknesses had been exploited arrived like a bucket of cold water.

Apple insisted that the majority of the vulnerabilities involved had already been patched in the latest version of their operating system, used in the famed Iphone and Ipad. Samsung, their great South Korean rival and leader in Android telephones, simply stated, “Protecting consumers' privacy and the security of our devices is a top priority.”


Another widely-used element of modern telecommunications, encrypted messaging services like Whatsapp, Signal and Telegram, also appear to be vulnerable.

The documents leaked show that the CIA has tools which can gain access to audio and text conversations conducted with these applications.

Experts have explained that the technique used does not involve breaking the codes used to encrypt messages, but rather takes advantage of the phone's vulnerabilities to access data before it is encrypted.

Open Whisper Systems, the company that developed the technology for the encrypted instant messaging app Signal, noted on Twitter that the documents published by Wikileaks show that hackers were able to introduce viruses into telephones, emphasizing,“The CIA / WikiLeaks story today is about getting malware into phones, none of the exploits are in Signal or break Signal Protocol encryption.”


The latest leaks showed that network computers, servers, and devices did not escape the attention of CIA hackers. Apple, Microsoft and Google were in trouble in 2013, when Snowden showed that the National Security Agency had access to their servers. It is now known that the CIA has ways to infect and control computers running on Windows operating systems. One such hacking tool with the codename “Hammer Drill” is designed to sabotage operating systems, and is spread via programs installed by CD or USB.

The Agency has also developed multi-platform weapons that are capable of exploiting vulnerabilities in computers running on MAC OS (Apple), Solaris and Linux.


Although the latest news on electronic spying may appear to be nothing new, many believe that these Wikileaks revelations have opened a new era.

On the Teknautas website, Sergio de los Santos, Innovation and Labs Leader at ElevenPaths, commented, “What's interesting is that many of the things we thought were science fiction are really possible.”

It is now perfectly plausible that the control systems of new automatically driven vehicles could be accessed, in the opinion of De los Santos, and used as to commit crimes.

Another program, “Umbrage,” would be able to take control of and operate the aggressive technology of other countries or agencies, with the objective of camouflaging their own actions and confusing investigators.

Snowden himself, who is still being sought by the United States to be prosecuted for the 2013 leaks, criticized his country's intelligence methods on Twitter, commenting, “Imagine a world where the actual CIA spends its time figuring out how to spy on you through your TV. That's today.”

No comments: