Close Menu
    Tuesday, November 5
    WikiLeaks

    WikiLeaks Released Another Batch of Information on CIA Surveillance

    1
    By on Cybercrime, Data, Government, Hackathons, Report, Security, Technology

    Julian Assange’s whistleblowing service revealed the CIA is still able to hack consumer devices, which has already raised many questions for users and tech firms alike. Apparently, the agency targets all everyday consumer devices including smartphones, computers, and even smart TVs.

    The Wikileaks’ release shows that the CIA maintains the technical capability to hack all popular consumer devices, as the agency’s documents contain a description of thousands of the vulnerabilities, including the flaws which were discovered by independent security researchers and published to encourage the manufacturers to fix them, as well as the vulnerabilities discovered by the CIA itself or by partner organizations like the UK’s GCHQ.

    The leak dates to mid-2016, and the vendors have since patched many of the mentioned hacking tools. This means that if your device were fully up-to-date, it would be safe from such attacks. However, some flaws, including the attacks on version 9.0 of iOS, have been unfixed at the time the documents were made.

    In the meantime, the US government has denied discovering and stockpiling the flaws, saying that it just reports such vulnerabilities to manufacturers for fixing, but the CIA appears likely to have similarly up-to-date hacking tools today, which would enable it to break into even fully-patched devices.

    For example, the recent release (dubbed “Vault 7”) details the iOS exploit known as “Earth/Eve”, apparently purchased by the NSA from an unnamed researcher. This flaw only works on iPhones and iPads running iOS versions 7 and 8 and was fixed in the release of iOS 9 in September 2015. The leak also describes flaws that had not been fixed by the time of the leak. They are called “zero days”, as the vendors have had zero days to fix them before they are used, and have likely been replaced by more zero-days if fixed by the vendors.

    It also turned out that the CIA used the techniques to bypass the encryption of popular encrypted chat apps like WhatsApp and Signal – without hacking the apps themselves. In simple words, the agency used “endpoint attacks”, which simply waited until the message is decrypted to be displayed on your screen – like someone waiting for you to open your letter before reading it over your shoulder.

    Share.

    Tapiwa Matthew Mutisi has been covering blockchain technology, intelligent technologies, cryptocurrency, cybersecurity, telecommunications technology, sustainability, autonomous vehicles, and other topics for Innovation Village since 2017. In the years since, he has published over 4,000 articles — a mix of breaking news, reviews, helpful how-tos, industry analysis, and more. | Open DM on Twitter @TapiwaMutisi

    Related Posts

    1 Comment

    1. Pingback: US wins their latest appeal over extradition of WikiLeaks founder Julian Assange - Innovation Village | Technology, Product Reviews, Business

    Leave A Reply