The Wikileaks CIA Stash May Prove Interesting, But Not Necessarily for the Hacks

Wikileaks has released a huge number of files that it claims to be the “largest ever publication of confidential documents” from the U.S. Central Intelligence Agency. It includes details of a number of hacking tools, though at first blush they don’t appear to be as incendiary as their potential political ramifications.
The controversial organization published the first tranche of what it says will become a vast collection called Vault 7 on the morning of March 7. The first wave, called Year Zero, contains 8,761 documents and files from between 2013 and 2016.
At this point in time it’s impossible to have scoured the entire database. But Wikileaks claims that it contains descriptions of tools from the CIA’s hacking program. They are said to include malware that can turn Samsung TVs into covert listening posts, tools to remotely control vehicles, and a number of means to render encrypted messaging apps like WhatsApp and Signal redundant.
None of these approaches are particularly earth-shattering. Samsung had already admitted that its smart TVs could effectively spy on you. Security consultants showed that they could remotely control a Jeep Cherokee two years ago. And as Edward Snowden points out, the files don’t reveal a problem with encrypted messaging services themselves, though they do reveal that the CIA has a number of targeted exploits that allow them to gain partial remote access to iOS and Android.
To be sure, such hacks are sinister. But if we learned anything from Snowden’s disclosure of National Security Agency surveillance programs in 2013, it’s that government agencies feel it necessary to hack any technology the public chooses to use. And, unsurprisingly, little seems to have changed four years on. If the tools that Wikileaks is choosing to highlight in its first announcement of the new files are the most explosive, then the rest look set to underwhelm.
That’s not to say that the publication of the files won’t cause a stir. First, there are bound to be some juicy details lurking among the 8,761 files—but someone needs to find and make sense of them. Second, the files suggest that the CIA was in the practice of stockpiling zero-day vulnerabilities, so called because they give the author of a piece of software zero days to identify and distribute a solution. That may have run counter to processes initiated by the Obama administration in 2013, which demanded all departments follow procedures to decide whether it was reasonable to keep such vulnerabilities secret.
But perhaps most important is the timing. WikiLeaks claims that the files were “published as soon as its verification and analysis were ready.” But the leak comes at a moment when Donald Trump is railing against U.S. intelligence agencies, and it could, perhaps, provide a means for him to attack their intelligence gathering. WikiLeaks has previously dropped leaked files, such as the Hillary Clinton e-mail archive, at politically sensitive moments.
In other words: the political fallout of the leak looks set to outweigh the technical revelations, at least for now.
(Read more: WikiLeaks, “Security Experts Agree: The NSA Was Hacked,” “Wikileaks E-Mails Are an Election Influence to Really Worry About,” “Transparency and Secrets”)
Keep Reading
Most Popular
The inside story of how ChatGPT was built from the people who made it
Exclusive conversations that take us behind the scenes of a cultural phenomenon.
How Rust went from a side project to the world’s most-loved programming language
For decades, coders wrote critical systems in C and C++. Now they turn to Rust.
ChatGPT is about to revolutionize the economy. We need to decide what that looks like.
New large language models will transform many jobs. Whether they will lead to widespread prosperity or not is up to us.
Design thinking was supposed to fix the world. Where did it go wrong?
An approach that promised to democratize design may have done the opposite.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.