Who is the CIA’s favourite author? You guessed it, George Orwell. At least that’s what its apparent fondness for TVs as surveillance devices leads us to conclude.
WikiLeaks has released 8,761 documents, nicknamed Vault 7, which claim to detail the capabilities of the CIA to spy on individuals, as well as the technologies which it has at its disposal to hack into what seems like most devices. While this tidal wave of information will have privacy advocates shifting uncomfortably in their seats, the worst may still be yet to come.
This release is part of a wider series, nicknamed Year Zero. This is only part of the CIA’s activity, there’s more to come. The nickname comes from the term Zero Days, which has been given to the collective of all the tools referring to the amount of time vendors have had to fix vulnerabilities before they are used.
“Year Zero introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of zero day weaponized exploits against a wide range of US and European company products, include Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones,” WikiLeaks said in a statement.
“Since 2001 the CIA has gained political and budgetary pre-eminence over the U.S. National Security Agency (NSA). The CIA found itself building not just it’s now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers. The agency’s hacking division freed it from having to disclose its often-controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA’s hacking capacities.”
So, what have the CIA been targeting? Firstly, let’s deal with smartphones.
As we are now a generation which cannot do anything without a smartphone being within reaching distance, it makes sense the CIA has focused a lot of its attention here. Smartphones can be used as extraordinarily accurate tracking devices for persons of interest.
In the documents, 25 techniques for hacking Android devices were listed, as well as a further 14 for iOS devices. It’s worth noting most these are dated, for example there doesn’t seem to be a mention of iOS 10 in the documents, but it’s still worrying nonetheless.
For Android devices, the documents reveal eight remote-access exploits meaning the CIA no-longer has to be in physical contact with the device to hack. iOS is a bit more complicated, and it does appear the spooks have yet to completely violate iLifers to date with one swoop. However, combining several different hacking techniques and tools will answer this problem. It’s a bit more long-winded, but if the CIA wants access to iPhones, Apple should probably make them work for it.
Although iLifers are justified to be worried, according to Techcrunch, Apple has said its already fixed a number of the exploitations mentioned in the report and it is working to address any new vulnerabilities. Google has yet to comment on its own progress in fixing the Android weak spots.
Infected phones can be instructed to send the CIA the user’s geolocation, audio and text communications as well as covertly activate the phone’s camera and microphone. This step is quite important, as it allows the spooks to get around the encryption techniques put in place by messaging apps such as WhatsApp and Signal.
The security features of these apps have been created by Open Whisper Systems, a security company which came under fire a few weeks ago. According to The Guardian, there was a backdoor in the systems encryption which was strongly denied by the Open Whisper Systems team. However, the CIA doesn’t seem to have been able to find this vulnerability, assuming it exists.
It would appear the encryption is sound and unhackable for the moment, however, but taking control of the device itself, the CIA can intercept the message before it goes through the security white-wash. It’s a PR win for Open Whisper Systems, but does make the process of encryption redundant in this instance.
Smart TVs are another area which has been targeted, more specifically, Samsung’s Internet ready models. One saving grace here is that the devices can apparently only be compromised via a USB stick, not remotely. It’s a minor win, but it seems likely the CIA is working on a way to make this more efficient.
A hacking tool called Weeping Angel has been developed which turns the TVs into listening devices in the living room. A feature of the tool, known as Fake-Off, disables the devices LEDs to trick anyone in the vicinity that the device is switched off, while it continues to secretly capture audio. On a to-do list, the spooks are said to be investigating how the TVs can be used to capture video, as well as tap into the wifi to remotely transmit the data.
Perhaps the most worrying facet of the report is the interest in IoT devices. IoT has already been identified as a significant security risk due to the number of entry points into the network. As the number of devices increases so does the perimeter of the network which needs to be protected. Protecting the network is currently a difficult and thankless task, but add in an extra couple of billion gateways and the task become exponentially more difficult.
While the capabilities do not seem to be there currently, the leak indicates the CIA has a dedicated team investigating how the Internet of Things can be turned into a world-wide, and incredibly detailed, web of spy devices. Considering the number of different ‘connected’ things which are popping up on the market every day, from t-shirts to fridges to street lights, the breadth of information which could be collected is staggering.
In one document, the CIA discusses creating a new tool which has the same functionality as the aforementioned Weeping Angel, specifically for the growing IoT world. In the same document, the connected car is highlighted as an area of interest. The team responsible for this area is known as the Embedded Devices Branch, with the documents dated back to 2014.
Considering the growing popularity of smart home devices, smart city solutions and connected wearable devices (might be in decline, but there are still a lot of them), this is a worrying discovery. Even more worrying is the weight the telco industry has thrown behind IoT. IoT is viewed by many as the saving grace of the telco industry, any damage to the credibility of the technology will be a heavy body shot for the already battle-weary telcos.
Perhaps even more concerning for privacy advocates in Europe is the laissez-faire attitude of some Americans in reaction to the revelation. HelpNetSecurity did a great job in collating various tweets reacting to the news, and many Americans don’t seem that bothered, in fact, there is a ‘it’s their job’ attitude which seems to surrender any sense of accountability.
This is a major reason for the presence of a EU-US Privacy Shield and why it needs to be as robust as possible. The definition of data privacy rights and the role of intelligence agencies differs between the two regions. While EU citizens are protected inside the EU, once data transfers inside the American borders the EU-US Privacy Shield is supposed to maintain these rights, which many critics believe it doesn’t.
Data protection may not be the sexiest of topics in the world of technology, media and telecommunications, but revelations such as this underline the critical importance to the industry.
Many people are unlikely to be surprised what the CIA is doing, but this itself is a problem. As a society, we have become accustomed to being spied on, whether by businesses, social media platforms or intelligence agencies; it’s become a normal part of life. The level (or lack thereof) of accountability, and the vast scale at which the CIA can access intimate details of our lives with very little effort is very worrying.