The secret is out. Wikileaks has released a series of documents on the CIA that specify how the spy agency has been snooping on our private data using our smart home devices.
As a part of the series code-named ‘Vault 7’, “Year Zero” comprises of nearly 8,761 documents that give a detailed expose of CIA’s covert activities between 2013 and 2016 and how the organisation used smartphones and smart TVs to track people and get secret information.
According to Wikileaks, the spy agency recently lost control of the majority of its cyber arsenal which includes ‘malware, viruses, trojans, malware remote control systems and associated documents’. This information not only poses a threat to the CIA but also puts at risk the individuals whose information the organisation has been collecting over the years.
According to the Wikileaks, over 5000 users registered with the CIA have produced over 1000 hacking systems and other weaponised malware that was used to infect devices by a number of American and European companies including Apple, Google, Microsoft and even Samsung TVs. CIA used a sophisticated surveillance technique called “Weeping Angels” to infests Samsung’s smart TVs. “The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS,” Wikileaks wrote in a press release.
The organisation used its malware arsenal to target smartphones. Once infected these smartphones could send the CIA the user’s geolocation, audio and text messages and as well as covertly activate the phone’s microphone and camera. The organisation explicitly targeted the devices running on Apple’s iOS given its popularity in political and elite class. Devices running on Google’s Android faced a similar number of attacks and include devices by Samsung, HTC and Sony, given that 85% of the world’s smartphones run on it.
The scary fact about this malware is that they can easily bypass the encryption by the Internet-based messaging services like WhatsApp, Signal, Telegram as they hack into the smartphone directly and collect information even before the data is encrypted. The strength of CIA’s malware can be determined by the fact that even the devices running on some of the most secure operating systems including Windows, Mac OS X, Solaris and Linux too have been infected by the CIA’s malware.
The agency uses a number of tools like ‘Fine Dining’, ‘UMBRAGE’ and ‘HIVE’ that on the surface seem like a media player playing music or an anti-virus program running a security check, but are indeed collecting data and embedding bugs that can remain dormant in the infected system for years and can be reactivated remotely without Internet connectivity.
The company hires hackers to program such advanced malware. However, the issue with these hackers is that the rival agencies are constantly competing to hire them thus putting valuable information at risk.
The agencies take advantage of the vulnerabilities present in these smartphones and smart home devices to snoop into the private data of individuals. The organisation not only made all information regarding its operations ‘unclassified’ but has also refused to share details regarding the vulnerabilities in these devices with the manufacturers so that these flaws can be eliminated. The problem with this non-cooperation is that if CIA can detect them, so can the rival agencies and the cyber mafias, leaving confidential information and private details of individuals at the helm of the hackers.