With the latest large leak dubbed “Vault 7” by the infamous WikiLeaks the broad reach of the CIA’s hacking abilities has come to light. WikiLeaks has claimed that this information is the first part of a major multi-stage release of information taken from the CIA’s Center for Cyber Intelligence based out of Langley Virginia. It is reported that the collection of tools including tojans, malware, viruses, and “zero day” exploits have been circulated by defense contractors in an under the table manner for some time. However, in the leak “Vault 7” WikiLeaks does not release the actual hacking tools or exploits, just documentation. However, let there be no mistake that the CIA’s hacking and collections was/are much larger the NSA’s.
This most recent leaks bring the Privacy vs. National Security issue to the forefront once again. At what point are both citizens and foreign nationals expected to give up their privacy in the name of “national security”? This is the fine line that the government has been tiptoeing for years, and in the the post-9/11 world they seem to lean more toward the national security side. The Fourth Amendment dictates that there are protections against unreasonable search and seizure, and bulk collection of data as well as targeted attacks definitely do not fit within the Fourth Amendment.
Unlike the NSA’s information leak by the infamous Edward Snowden, many of the programs outlined in the release are offensive in nature. These include exploits that would allow the agency to gain control of a vehicle’s control system and remotely execute commands. They also have the ability to cripple telecom networks or disable a whole nation’s internet. There is no doubt that these are cyber weapons, projects such as “UMBRAGE” have code/markers in them that make it appear as if other nations are the ones carrying out the attacks. One brief stated the project as the following: “With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from.” This misdirection and clandestine nature of many of the programs clearly highlights it’s offensive cyber warfare uses.
One other thing that should alarm people is the fact that the CIA has lost control of its cyber weapons. It is not only hackers that lurk the dark web that now have access to the tools and exploits but other nations. This posses the possible threat that the CIA’s own cyber weapons are used against itself and the United States. In addition, this release sets the US’s cyber warfare back significantly as manufactures and nations begin to patch holes.
You may be asking yourself: “Well, what do I do so I don’t get swept up in the broad net that the CIA has cast?” It’s easy — don’t use any electronics and don’t even stand near a “Smart TV” as the CIA has eight separate projects (ex. Weeping Angel) that tap and intercept communications near them. If that is not something that you are willing to do in this modern day and age, speak to your representatives.