On Tuesday, WikiLeaks published more than 8,700 documents and files purportedly taken from the Central Intelligence Agency’s Center for Cyber Intelligence, which appears to expose intimate details of America’s cyberespionage toolkit. However, it was not immediately clear how WikiLeaks obtained the information, code-named “Vault7”. The CIA tools, if authentic, could undermine the confidence that consumers have in the safety and security of their computers, mobile devices and even smart TVs.
According to WikiLeaks, the material came from “an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virginia.” It didn’t say how the files were removed, such as possibly by a rogue employee, by hacking a federal contractor working for the CIA or breaking into a staging server where such hacking tools might be temporarily stored.
— WikiLeaks (@wikileaks) March 7, 2017
CIA spokesman Jonathan Liu made a statement to CBS News, saying, “We do not comment on the authenticity or content of purported intelligence documents.”
The thousands of documents cover a host of technical topics, such as how to compromise smart televisions and turn them into improvised surveillance devices. WikiLeaks said the data also include details on the agency’s efforts to subvert American software products and smartphones, including Apple’s iPhone, Google’s Android and Microsoft Windows.
“There’s no question that there’s a fire drill going on right now,” said Jake Williams, a security expert with Augusta, Georgia-based Rendition Infosec. “It wouldn’t surprise me that there are people changing careers — and ending careers — as we speak.”
Retired US intelligence official Bob Ayers, who is currently working as a security analyst, agreed, saying that the release was “real bad” for the agency.
The information dump could not immediately be authenticated by The Associated Press, and the CIA has declined to comment. According to experts who’ve started to sift through the material, it appeared legitimate and that the release was almost certain to shake the CIA.
WikiLeaks said the archive “appears to have been circulated among former US government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”
If the authenticity of the documents is officially confirmed, it would represent yet another catastrophic breach for the US intelligence community at the hands of WikiLeaks and its allies, which have repeatedly humbled Washington with the mass release of classified material, including hundreds of thousands of documents from the State Department and the Pentagon.
WikiLeaks, which has been dropping cryptic hints about the release for a month, said in a lengthy statement that the CIA had “recently” lost control of a massive arsenal of CIA hacking tools as well as associated documentation.