Wednesday, March 8, 2017

To Whom The Wiki-Benefit?

Jon Fingas over at Engadget has details of WikiLeaks' latest package of alleged CIA technical documents, revealing tools the agency reportedly uses to get around encryption and to spy on people. The "Level 7" documents come just a few days after Trump's paranoid tirade that Obama had Trump Tower bugged and once again it's Julian Assange's outfit that comes riding the Trump regime's rescue.

WikiLeaks just ignited another powder keg. Julian Assange's outfit has posted the first of a string of CIA leaks, nicknamed Vault 7, that purports to reveal the agency's "entire hacking capacity." The information is said to have escaped an "isolated" secure network at the CIA's Center for Cyber Intelligence in Virginia, and indicates that the organization has far-reaching abilities to snoop on modern technology... including encrypted apps that are supposed to be tough to crack.

According to WikiLeaks, the CIA has horded a slew of zero day (that is, unpatched) exploits that let it infiltrate a slew of platforms, including current desktop and mobile platforms, network routers, smart TVs and antivirus software. Notably, the CIA is capable of bypassing the encryption for secure chat apps like Confide, Signal, Telegram and WhatsApp -- the agency compromises the phone and intercepts message traffic before encryption kicks in. It's not as significant as cracking the encryption itself (these apps are still safer), but it's still noteworthy. Also, the mobile teams have reportedly produced malware that can compromise Android and iOS devices that run or have run "presidential Twitter accounts" -- a particular problem for the current Commander-in-Chief.

Other infiltration methods are similarly sneaky. An attack against Samsung smart TVs, built in tandem with the UK's MI5 agency, quietly leaves a set turned on so that it can record conversations like a giant wiretap device. And when the CIA needs physical access to a device, it sends an agent out with a USB drive that grabs data from a PC while a decoy app runs in the foreground. Malware is designed to avoid any fingerprints that would lead back to the CIA or its partners, and even the infection patterns are meant to throw people off the scent. Code can lurk in a device for years.

The leak also goes into some of the organizational structure of the CIA's digital surveillance efforts, including some security concerns. It notes that the US consulate in Frankfurt doubles as a base for CIA hackers targeting Europe, the Middle East and Africa, giving them freedom to travel throughout much of Europe once they arrive. However, it also appears that the agency's malware, command and control tools and listening post software are all labeled as unclassified -- there's not much officials can do if it gets out into the wild, which it clearly has given the leak. There's a similar worry that the CIA's propensity to hog zero day exploits is violating the government's Vulnerabilities Equities Process, which promises that the government will share flaws with companies on a continuous basis.

So again, a whole bunch of CIA tools, techniques, and tradecraft just happen to show up on WikiLeaks within hours of when the world starts thinking that the Trump regime has all but confirmed wrongdoing with Russia.  Suddenly now the story is back to the eeeeeeeeeevil intelligence community and how noble patriot Trump is right to consider them a problem. 

It also happens to blow yet another giant hole in America's cyber-counterintelligence capabilities just as stories about CIA cyberwar with North Korea surface and how effective the CIA has been at stopping Pyongyang from getting too far down the road of nuke technology.  That just got thrown in the trash can overnight.

And finally, please note the documents claim the CIA can make their cyber-snooping look like anyone but the CIA is behind it, which of course has both Trumpies and Moscow screaming that the entire Trump-Russia kerfuffle is in fact a giant false flag operation by Obama to harm Great Patriot Friend Donald Trump.

And lo and behold, now people are saying "Well maybe Trump wasn't crazy after all."

Funny how that exact coincidental timing works when Trump needs "evidence" of his conspiracy theory, and it magically appears once again thanks to his good friend Julian Assange.

No comments:

Post a Comment