Inside Security

Inside Security (Mar 8th, 2017)

WikiLeaks has published thousands of documents that reportedly come from the CIA's Center for Cyber Intelligence. The trove covers a lot of ground, including a description of an arsenal of various malware tools to break into phones, smart TVs (which could be turned into covert microphones) and regular Windows PCs.

Here is my summary of what we know about this collection of information, and some links to both good and bad reporting on the incident.

-- David Strom, editor of Inside Security


Are these documents for real? The CIA, naturally, isn’t saying. The collection could come from Russian spies and be a complete head fake. The documents don’t include any code for the hacking tools mentioned, so it is hard to prove their authenticity. Bleeping Computer has this list of the actual tool names and what they do.

What is new? Not much. While the knowledge about the specific scope and depth of activities is new, overall this is what the CIA and other spy agencies do: they target specific individuals and try to gain access to their digital lives. The New York Times says, “But the CIA program seems to have been particularly sophisticated, far-reaching and focused on surveillance.” The bad news, according to security writer Matt Blaze, “is that platform exploits are very powerful. The good news is that they have to target you in order to read your messages.”

Are they hoarding specialized “zero day” exploits? Unclear. One report says the CIA had produced 24 different Android “zero day” software programs. Another says not true: “they aren't keeping 0days back in a vault somewhere -- if they have 0days, they are using them.” Indications are none of this is truly state of the hacking art. (See this internal document on comparisons between what the hacking groups of the CIA and NSA have accomplished.) Robert Graham blogs that “The sort of thing the [CIA does] is bribe, blackmail, or bedazzle some human asset (like a technician in a nuclear plant) to stick a USB drive into a slot.”

But this proves that the CIA is neutralizing encryption, right? Wrong. What was discussed was leveraging physical access to the entire device and all of the apps running on it. Nothing new here, despite what the NYTimes and Mashable tweeted and reported on (and later corrected).

What has been the reaction of the vendors involved? Apple, Microsoft and Samsung have released various statements that range from “we are looking into the exploits mentioned” to “nothing to see here, move on,” according to the BBC. Apple’s response for example, said they have fixed many of the exploits already. Google hasn’t said anything about the various Android exploits. It will take some time to suss this all out, to be sure.

What, me worry? Not so much. “Unless you're a high-value target, such as a terrorist, arms dealer, foreign politician or diplomat or, well, a spy, the CIA will probably not be interested in what's on your phone,” says Tom’s Guide. Agreed.

Should you toss out your Alexa/Google Home device? Yes, if you are ultra paranoid. And maybe you should unplug that smart TV too when you aren’t using it. Note, though, that the documents don’t talk about remotely accessing a TV: a spy still needs physical access to your living room to install malware on your TV, smartphone or computer. At least, that is true of the kind of malware mentioned in these documents.

What can ordinary business folks learn from this? These suggestions to people traveling to Germany, such as using a low-credit-line card exclusively for travel, picking your hotels carefully and carrying a minimal laptop, are interesting and could be instructive. In the meantime, keep your phones and other devices updated to the latest OS releases.

How damaging is this trove of documents to our national security? Estimates vary all over the map. "First, the CIA’s ability to access the target devices and technologies is certainly compromised. Second, the release appears to contain highly sensitive organizational and operational internal CIA information, the uses of which by foreign intelligence services can only be imagined. Third, actual tools used for hacking by the CIA appear to have been obtained, but not yet released." These are opinions of Robert Cattanach, a partner at the law firm Dorsey & Whitney.


Finally, some other reactions

The Twitterverse has had some amusing things to say:  “Just an agency doing targeted work as you’d expect,” “Wikileaks purposely installs FUD in the most vulnerable,” “Almost everything in their dump is dreadfully ordinary,” and more.


Many thanks to Inside Security's corporate supporters. Please go check them out!


Endgame's endpoint security platform protects the world’s largest organizations from targeted attacks, eliminating the time & cost associated with incident response. Learn more


Nok Nok Labs has the ambition to transform authentication, by unifying it into one standard protocol, giving business the control they need. Learn more


Find out why Global Leaders are trusting HackerOne to test and secure their mission-critical applications