National

CIA turned phones, TVs into spy devices, hid flaws from companies, WikiLeaks says

The Central Intelligence Agency has a hacking division to rival that of the National Security Agency, WikiLeaks said Tuesday. The floor of the main lobby of the Central Intelligence Agency in Langley, Va., Jan. 21, 2017.
The Central Intelligence Agency has a hacking division to rival that of the National Security Agency, WikiLeaks said Tuesday. The floor of the main lobby of the Central Intelligence Agency in Langley, Va., Jan. 21, 2017. AP

A formidable CIA hacking division has amassed hundreds of tools to control smartphones and TVs, and it employed hidden flaws in products made by trusted firms such as Apple, Microsoft and Google for espionage purposes without notifying the companies of the vulnerabilities, WikiLeaks said Tuesday.

WikiLeaks released what it said were 8,761 documents taken from the CIA’s Center for Cyber Intelligence in Langley, Virginia, in what it described as “the largest intelligence publication in history.”

The documents indicate that the CIA has collected “more than a thousand hacking systems, trojans, viruses and other ‘weaponized’ malware” that allow the agency to seize direct control of devices made by the biggest high-tech firms worldwide. One document indicated that the unit sought to develop ways to commandeer the control systems of vehicles.

UnifyID chief executive John Whaley talks about how smartphones can use 'implicit authentication' so that users don't need to always be identifying themselves on the internet.

WikiLeaks said the CIA had purposefully withheld information from the manufacturers about the vulnerabilities in their systems, undercutting a 2014 pledge by former President Barack Obama to disclose the vulnerabilities so they could be patched and made safe.

A CIA spokesman declined to say whether the published materials were authentic.

“We do not comment on the authenticity or content of purported intelligence documents,” spokesman Jonathan Liu said.

White House spokesman Sean Spicer also declined to comment. The House Intelligence Committee chair, Rep. Devin Nunes, R-Calif., called the WikiLeaks disclosure “very, very serious.”

The documents obtained by WikiLeaks, which the anti-secrecy group said span 2013 to 2016, reveal an arsenal of malware and dozens of “zero day” exploits against a wide range of products, including Apple’s iPhone, Google’s Android, Microsoft’s Windows and even Samsung smart televisions, which can have their microphones activated covertly.

A “zero day” is a previously undetected hole or vulnerability in software. It is so named because a victim has zero time between discovery of the flaw and penetration by an attacker.

Some of the tools disclosed in the documents would allow the penetration of networks, implantation of malicious code, control of systems and removal of material. The tools target all kinds of everyday work and entertainment devices, from networks and desktop computers to smartphones and even computerized vehicle operating systems.

Specific tools target the most popular brands of smartphones, giving remote operators access to the phone’s location and its audio and text communications, and permitting covert activation of the camera and microphone, perhaps from a great distance.

While iPhones compose only 14.5 percent of the global smartphone market, WikiLeaks said the focus on Apple’s iOS operating system “may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.”

The documents indicate that the CIA controlled 24 different vulnerabilities for Google’s Android operating system, which is used in as many as 5 out of 6 smartphones worldwide.

“These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Weibo, Confide and Cloackman by hacking the smartphones that they run on and collecting audio and message traffic before encryption is applied,” WikiLeaks said.

One document reveals collaboration between the CIA and Britain’s premier electronic signals intelligence agency, known as GCHQ, as well as a private cybersecurity company, Baitshop, in finding vulnerabilities in the iPhone.

Another document shows collaboration between the CIA unit and MI5, the British domestic spying agency, to create “Weeping Angel,” a program that turns Samsung smart TV sets into covert listening devices.

Colorful names of other CIA hacking tools include “Brutal Kangaroo,” “Assassin,” “Hammer Drill,” “Swindle” and “Cutthroat.” The leaked documents indicated that the CIA tools could jump into isolated systems unconnected to the internet, maintain network infections after discovery and hide data in images.

WikiLeaks said the CIA unit had “lost control” of much of its hacking arsenal and that the cyber weapons now circulated among hackers and contractors associated with the Center for Cyber Intelligence. It did not provide many details. It said one of those people objected to the unit’s lack of accountability and duplication of efforts with the National Security Agency, a rival intelligence arm, and had given the material to WikiLeaks to spark public discussion.

“The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyber weapons,” WikiLeaks said.

Major U.S. high-tech companies did not offer immediate reaction but they are likely to be angry over the government’s keeping vulnerabilities from them. In 2014, Obama ordered that if any agency wanted to keep a “zero day” vulnerability out of the public eye, it would have to argue its case to an Equities Review Board chaired by the National Security Council.

U.S. Rep. Ted Lieu, D-Calif., called for an immediate congressional investigation.

“We need to know if the CIA lost control of its hacking tools, who may have those tools and how do we now protect the privacy of Americans,” Lieu said in a statement, adding that the “ramifications could be devastating.”

In other disclosures, WikiLeaks said:

▪  The CIA operated a covert hacker base out of the U.S. consulate in Frankfurt, Germany, traveling throughout Europe from there.

▪  One CIA hacker unit, known as UMBRAGE, took malware from nations like Russia and adapted it for CIA purposes, with the intent of leaving the cyber “fingerprints” of another nation behind, throwing people off the trail. The technique was used in webcam capture, data destruction and escalating through target networks, according to the documents.

▪  A CIA tool known as Fine Dining could be loaded on a thumb drive and plugged into a target computer in front of the victim, ostensibly to show a video, play a computer game or run a fake virus scanner. While the decoy program runs, the underlying system is “ransacked.”

The Center for Cyber Intelligence is directly under one of five directorates at the top of the CIA, the Directorate of Digital Innovation, according to an organizational chart.

Exiled NSA whistleblower Edward Snowden, in a tweet, described as “reckless beyond words” the CIA practice of finding vulnerabilities in products, then allowing the holes to remain open.

Vince Houghton, a historian and curator at the International Spy Museum in Washington, said much of the information in the leak was likely dated.

“Even if you pulled CIA programs from six months ago, they might already be obsolete,” said Houghton, an Army veteran who served in the Balkans and worked with intelligence agencies. “The speed at which these cyber programs work, if you haven’t pulled something from yesterday it might already be obsolete.”

WikiLeaks said in a statement that it had redacted 70,875 portions of the released documents, including names, internet protocol addresses and specific coding for malware that could be used by criminals or others.

Kevin G. Hall contributed to this report.

Tim Johnson: 202-383-6028, @timjohnson4

  Comments