The anti-secrecy group WikiLeaks on Tuesday began posting thousands of documents that it claims came from the CIA’s Center for Cyber Intelligence. The dump has not been immediately authenticated, but if the data about how the agency does its cyber-spying is real it would represent an extraordinary breach of the government’s top-secret treasure trove.
The CIA did not comment, but media outlets including the Associated Press, the New York Times and the Washington Post were quickly serving up, minute by minute throughout the morning, the latest information about the dump as soon as it became available. One expert who examined the dump, Rendition Infosec founder Jake Williams, told the AP it appeared legitimate.
Here’s an easy guide to some of the most compelling stuff being released by various media organizations. There are lots of documents to sift, so this is bound to get better as the day goes on:
THIS COULD BE THE MOTHER OF ALL DATA DUMPS
In its latest file-sharing move, WikiLeaks is starting off with the release of 7,818 web pages with 943 attachments, which translates into several hundred million lines of computer code secretly created by the CIA. The documents, which the group has nicknamed “Vault 7,” appear to rival some of the biggest data dumps in recent history, including the quarter-million diplomatic dispatches taken by former Army intelligence analyst Chelsea Manning. Vault 7 could also compare in size to the hundreds of thousands of documents taken from the National Security Agency by Edward Snowden and handed over to journalists in 2013.
And what does the material show? In its statement WikiLeaks said the code is designed to rip off data from targets overseas. Some of the code, it said, could transform everyday household items, including cellphones, computers and even television sets, into surveillance tools.
CHECKING FOR AUTHENTICITY
While the veracity of WikiLeaks’ claims has not yet been established, and the CIA would say only that “we do not comment on the authenticity or content of purported intelligence documents,” cybersecurity experts told the Post and the Times that the data, at least at first blush, seems kosher.
“At first glance,” the data release “is probably legitimate or contains a lot of legitimate stuff, which means somebody managed to extract a lot of data from a classified CIA system and is willing to let the world know that,” Nicholas Weaver, a computer security researcher at the University of California at Berkeley, told the Post.
While fabricating a huge amount of data is difficult, though not impossible, Weaver said he knows of only one case where WikiLeaks deliberately mislabeled its stolen data, “but no cases yet of deliberately fraudulent information.”
THE CATCHY AND CLEVER SIDE OF THE SPY WORLD
The documents being shared by WikiLeaks, which purportedly include files from the CIA’s Operational Support Branch, describe an array of tools and projects with curious and catchy nicknames – Time Stomper, Fight Club, Jukebox, Bartender, Wild Turkey and Margarita to name just a few. Since many of the files offered no additional data, it’s impossible to say exactly what these creatively named tools were designed to do.
AND THOSE SPIES SURE DO TALK FUNNY
One file contained a welcome statement that seemed to suggest the agency had a whole arsenal of cyber-spying tools, malware and intrusion instruments. “Ah yeah, OSB Projects y’all! You know we got the dankest Trojans and collection tools for all your windows asset assist and ORC needs.”
The Times story said that while it was not clear what exactly “ORC” stood for, the acronym is frequently used by hackers to refer to “Old Red Cracker,” an enigmatic pioneer of the hacking world who “openly published directions for reverse-engineering software blueprints in efforts to identify vulnerabilities in them.”
THEY NEVER SAW IT COMING
The WikiLeaks news seems to have caught U.S. intelligence officials by surprise. One unnamed source told the Post that investigators were only starting to get their first look at the documents at the same time the rest of the world was. The source would not say whether the CIA had anticipated the leak or spoken about it with other agencies. “We’ll see what it is whenever they release the codes,” said the official, who spoke on the condition of anonymity, citing the sensitivity of the matter.
A PEEK INSIDE THE CIA’S TOOLBOX
The documents, according to WikiLeaks, will show how sophisticated software tools were used by the CIA to hack into its targets’ smartphones, computers and even Internet-connected televisions. The group said the spy tools, which included malware, viruses, Trojans and weaponized “zero day” exploits, were the work of a CIA team called the Engineering Development Group. That group, according to WikiLeaks, is part of a sprawling cyber-spy complex created within the CIA in recent years as the agency began to devote more resources and attention to online espionage.
YOUR TV IS SPYING ON YOU!
Some of the CIA programs described in the documents seem right out of a spy thriller set in an Internet-of-things world. One hacking program, code-named Weeping Angel, transforms a Samsung “smart” television into a covert listening device, smack dab in the middle of your living room. The WikiLeaks news release said that even when the TV set seemed like it was shut off, the software enabled the appliance to “operate as a bug, recording conversations in the room and sending them over the internet to a covert C.I.A. server.”
A SEATING CHART FOR THE SECRET AGENTS
While the dump by WikiLeaks is chock full of strangely named sleuthing projects and creepy hacks of the American household, there’s a macro element to it as well. The files purportedly include something of an organizational chart of the CIA’s cyber directorate, which seems to suggest that the agency has used the American consulate in Frankfurt, Germany, as a hub of digital operations in Europe, the Middle East and Africa.