FBI to hunt down mole over leaked CIA secrets

It was not immediately clear if the CIA - whose headquarters (left) is in Langley in Virginia - had sent a crimes report to the Justice Department, a formal mechanism alerting law enforcement agencies of a potentially damaging and illegal national se
It was not immediately clear if the CIA - whose headquarters (left) is in Langley in Virginia - had sent a crimes report to the Justice Department, a formal mechanism alerting law enforcement agencies of a potentially damaging and illegal national security slip.PHOTO: REUTERS

WikiLeaks releases nearly 9,000 classified documents detailing agency's alleged mass hacking

WASHINGTON • The Federal Bureau of Investigation (FBI) has begun preparing for a major mole hunt to determine how anti-secrecy group WikiLeaks got an alleged arsenal of hacking tools the Central Intelligence Agency (CIA) had used to spy on targets, according to people familiar with the matter.

The latest revelations about the United States government's powerful hacking tools potentially take surveillance right into the homes and pockets of billions of technology users worldwide, showing how a remarkable variety of everyday devices can be turned to spy on their owners.

Televisions, smartphones and even anti-virus software are all vulnerable to CIA hacking, according to the documents. The capabilities described include recording the sounds, images and private text messages of users, even when they resort to encrypted apps.

The trove released on Tuesday, which could not be independently verified and the CIA has declined to confirm, included 8,761 documents - the first batch in a series of planned releases, WikiLeaks said.

LATEST UPDATE IN USERS' HANDS

Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 per cent of users running the latest version.

APPLE, in a statement after the WikiLeaks disclosures.

The leak poses an early test for US President Donald Trump who professed he loved WikiLeaks during his election campaign.

WikiLeaks said it obtained portions of the CIA's hacking archive, which has several hundred million lines of code.

It added that it withheld releasing "armed" cyber weapons until "a consensus emerges on the technical and political nature of the CIA's programme and how such 'weapons' should be analysed, disarmed and published".

It was not immediately clear if the CIA had sent a crimes report to the Justice Department - a formal mechanism alerting law enforcement agencies of a potentially damaging and illegal national security leak.

Such a report would offer the FBI a road map for where to begin investigating and whom to question.

While many of the attack technologies had been previously discussed at cyber security conferences, experts were startled to see evidence that the CIA had turned so many theoretical vulnerabilities into functioning attack tools.

These include widely used Internet routers and smartphones as well as Mac and Windows computers. One of the alleged hacking targets was the Samsung smart television which could be used to listen in on owners.

The CIA reportedly also has studied whether it could infect vehicle control systems for cars and trucks, which WikiLeaks alleged could be used to conduct assassinations.

And a specialised CIA unit called the Mobile Devices Branch produced malware to control and steal information from iPhones, which according to WikiLeaks were a particular focus because of the smartphone's popularity "among social, political, diplomatic and business elites".

Technology companies have responded to the leaks.

Samsung said protecting its consumers' privacy and its devices' security "is a top priority" and it is "urgently looking into the matter".

Apple urged customers to download the latest iOS to ensure they have the latest security update.

The agency also targeted popular phones running Google's Android, the world's leading mobile operating system.

Google said it is "actively investigating" the disclosures.

By targeting devices, the CIA reportedly gained access to even well-encrypted communications on such popular apps as Telegram, Signal and WhatsApp, without having to crack the encryption itself.

Telegram said on Twitter that the problem was with phones and operating systems, not its messaging app.

The material highlights specific anti-virus products that can be defeated, going further than a release of National Security Agency hacking tools last year.

The WikiLeaks release revealed that the CIA has sophisticated "stealth" capabilities that enable hackers not only to infiltrate systems but also to evade detection as well as abilities to move inside a system freely as if they owned it.

Microsoft said it will patch any security vulnerabilities that turn up from the disclosures.

WikiLeaks said it redacted lists of CIA surveillance targets, though it said they included targets and machines in Latin America, Europe and the US.

The agency uses the US consulate in Frankfurt, Germany, as a "covert base for its hackers", according to WikiLeaks.

The German government yesterday said it took the publication of the CIA documents seriously but could not verify their authenticity.

A spokesman for the Foreign Ministry said Germany is in close touch with the American authorities on the issue.

WASHINGTON POST, NYTIMES, BLOOMBERG

A version of this article appeared in the print edition of The Straits Times on March 09, 2017, with the headline 'FBI to hunt down mole over leaked CIA secrets'. Print Edition | Subscribe