Connectivity

The Wikileaks CIA Stash May Prove Interesting, But Not Necessarily for the Hacks

The software tools revealed by the leak are sinister, unsurprising—and potentially politically explosive.

Wikileaks has released a huge number of files that it claims to be the “largest ever publication of confidential documents” from the U.S. Central Intelligence Agency. It includes details of a number of hacking tools, though at first blush they don’t appear to be as incendiary as their potential political ramifications.

The controversial organization published the first tranche of what it says will become a vast collection called Vault 7 on the morning of March 7. The first wave, called Year Zero, contains 8,761 documents and files from between 2013 and 2016.

At this point in time it’s impossible to have scoured the entire database. But Wikileaks claims that it contains descriptions of tools from the CIA’s hacking program. They are said to include malware that can turn Samsung TVs into covert listening posts, tools to remotely control vehicles, and a number of means to render encrypted messaging apps like WhatsApp and Signal redundant.

None of these approaches are particularly earth-shattering. Samsung had already admitted that its smart TVs could effectively spy on you. Security consultants showed that they could remotely control a Jeep Cherokee two years ago. And as Edward Snowden points out, the files don’t reveal a problem with encrypted messaging services themselves, though they do reveal that the CIA has a number of targeted exploits that allow them to gain partial remote access to iOS and Android.

To be sure, such hacks are sinister. But if we learned anything from Snowden’s disclosure of National Security Agency surveillance programs in 2013, it’s that government agencies feel it necessary to hack any technology the public chooses to use. And, unsurprisingly, little seems to have changed four years on. If the tools that Wikileaks is choosing to highlight in its first announcement of the new files are the most explosive, then the rest look set to underwhelm.

That’s not to say that the publication of the files won’t cause a stir. First, there are bound to be some juicy details lurking among the 8,761 files—but someone needs to find and make sense of them. Second, the files suggest that the CIA was in the practice of stockpiling zero-day vulnerabilities, so called because they give the author of a piece of software zero days to identify and distribute a solution. That may have run counter to processes initiated by the Obama administration in 2013, which demanded all departments follow procedures to decide whether it was reasonable to keep such vulnerabilities secret.

But perhaps most important is the timing. WikiLeaks claims that the files were “published as soon as its verification and analysis were ready.” But the leak comes at a moment when Donald Trump is railing against U.S. intelligence agencies, and it could, perhaps, provide a means for him to attack their intelligence gathering. WikiLeaks has previously dropped leaked files, such as the Hillary Clinton e-mail archive, at politically sensitive moments.

In other words: the political fallout of the leak looks set to outweigh the technical revelations, at least for now.

(Read more: WikiLeaks, “Security Experts Agree: The NSA Was Hacked,” “Wikileaks E-Mails Are an Election Influence to Really Worry About,” “Transparency and Secrets”)

The latest Insider Conversation is live! Listen to the story behind the story.

Subscribe today
Already a Premium subscriber? Log in.

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

More from Connectivity

What it means to be constantly connected with each other and vast sources of information.

Want more award-winning journalism? Subscribe to Insider Premium.
  • Insider Premium {! insider.prices.premium !}*

    {! insider.display.menuOptionsLabel !}

    Our award winning magazine, unlimited access to our story archive, special discounts to MIT Technology Review Events, and exclusive content.

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

    Access to the Magazine archive. Over 24,000 articles going back to 1899 at your fingertips.

    Special Discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

    First Look. Exclusive early access to stories.

    Insider Conversations. Listen in as our editors talk to innovators from around the world.

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.