On Tuesday, WikiLeaks revealed a huge batch of hacking tools presumably obtained by former employees of the U.S. Central Intelligence Agency (CIA). The files contain cyber weapons used to spy on devices running Android, iOS, Windows, and more.
The organization’s press release referred to this new series of leaks as Vault 7 and codenamed the first part released today as Year Zero. This first leak consists of nearly 9,000 documents detailing the hacking arsenal of the government agency.
Neither the CIA nor the companies reportedly affected by the spying tech have made any statements about the historic leak.
Samsung, Apple, Google, and Microsoft are compromised
Perhaps the most notable remark by the WikiLeaks team is that the CIA has expressly targeted tech giants such as Apple, Google, Microsoft, and Samsung and their proprietary devices with dedicated malware.
In the case of Samsung, for example, the agency’s Embedded Devices Branch (EDB) worked together with their British counterpart at MI5 to develop an exploit capable of turning Smart TVs into covert microphones.
‘Weeping Angel’ is the name of this tool, which sets the TV into a fake off mode. The game seems to be turned off, but it secretly keeps its listening capabilities active to record and relay conversations in the room.
Similarly, the CIA’s Mobile Development Branch (MDB) developed tools designed to access, control, and extract data from both Android smartphones and iPhones. In the case of Apple products, the breach extends to other iOS devices like iPads.
What’s more, Year Zero exploits show that the government can bypass encryption systems in mobile messaging apps such as WhatsApp, Telegram, Signal, and others. Hacking tools can detect and retrieve messages before they are encrypted.
Computers are not safe either from code exposed in the latest Year Zero leak, showing that systems running on either Windows, Mac OS X, Linux, Solaris, and others are vulnerable to remote access and control by the intelligence body.
What does this mean for users and higher entities?
The first thing people should know is that this is not something wildly unexpected. Experts have always speculated about the extent of the CIA’s hacking arsenal, but it was always a reasonable theory that they had cracked most of the world’s most popular systems.
For diplomats, organizations, politicians, high-profile executives and officials, this means bad business. The revelations originated from Vault 7 compromise nearly everyone in the U.S. and the world who is regularly in touch with one of these devices.
“BY HIDING THESE SECURITY FLAWS FROM MANUFACTURERS LIKE APPLE AND GOOGLE, THE CIA ENSURES THAT IT CAN HACK EVERYONE AT THE EXPENSE OF LEAVING EVERYONE HACKABLE,” says WikiLeaks.
The government agency has yet to respond to the accusations stemming from the press and the global community. Tech giants have also remained silent in the face of these new tools coming to light.