Close Menu
TechCentralTechCentral

    Subscribe to the newsletter

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Facebook X (Twitter) YouTube LinkedIn
    WhatsApp Facebook X (Twitter) LinkedIn YouTube
    TechCentralTechCentral
    • News

      Trump tariffs could wreck South Africa’s vehicle manufacturing industry

      14 July 2025

      Legislative overhaul on the cards for South Africa’s ICT sector

      14 July 2025

      The 1940s visionary who imagined the Information Age

      14 July 2025

      Microsoft South Africa to get new MD as Lillian Barnard moves to regional role

      14 July 2025

      Zuckerberg used open source to scale AI – now the lock-in begins

      14 July 2025
    • World

      Grok 4 arrives with bold claims and fresh controversy

      10 July 2025

      Bitcoin pushes higher into record territory

      10 July 2025

      Cupertino vs Brussels: Apple challenges Big Tech crackdown

      7 July 2025

      Grammarly acquires e-mail start-up Superhuman

      1 July 2025

      Apple considers ditching its own AI in Siri overhaul

      1 July 2025
    • In-depth

      Siemens is battling Big Tech for AI supremacy in factories

      24 June 2025

      The algorithm will sing now: why musicians should be worried about AI

      20 June 2025

      Meta bets $72-billion on AI – and investors love it

      17 June 2025

      MultiChoice may unbundle SuperSport from DStv

      12 June 2025

      Grok promised bias-free chat. Then came the edits

      2 June 2025
    • TCS

      TCS+ | MVNX on the opportunities in South Africa’s booming MVNO market

      11 July 2025

      TCS | Connecting Saffas – Renier Lombard on The Lekker Network

      7 July 2025

      TechCentral Nexus S0E4: Takealot’s big Post Office jobs plan

      4 July 2025

      TCS | Tech, townships and tenacity: Spar’s plan to win with Spar2U

      3 July 2025

      TCS+ | First Distribution on the latest and greatest cloud technologies

      27 June 2025
    • Opinion

      In defence of equity alternatives for BEE

      30 June 2025

      E-commerce in ICT distribution: enabler or disruptor?

      30 June 2025

      South Africa pioneered drone laws a decade ago – now it must catch up

      17 June 2025

      AI and the future of ICT distribution

      16 June 2025

      Singapore soared – why can’t we? Lessons South Africa refuses to learn

      13 June 2025
    • Company Hubs
      • Africa Data Centres
      • AfriGIS
      • Altron Digital Business
      • Altron Document Solutions
      • Altron Group
      • Arctic Wolf
      • AvertITD
      • Braintree
      • CallMiner
      • CambriLearn
      • CYBER1 Solutions
      • Digicloud Africa
      • Digimune
      • Domains.co.za
      • ESET
      • Euphoria Telecom
      • Incredible Business
      • iONLINE
      • Iris Network Systems
      • LSD Open
      • NEC XON
      • Network Platforms
      • Next DLP
      • Ovations
      • Paracon
      • Paratus
      • Q-KON
      • SevenC
      • SkyWire
      • Solid8 Technologies
      • Telit Cinterion
      • Tenable
      • Vertiv
      • Videri Digital
      • Wipro
      • Workday
    • Sections
      • AI and machine learning
      • Banking
      • Broadcasting and Media
      • Cloud services
      • Contact centres and CX
      • Cryptocurrencies
      • Education and skills
      • Electronics and hardware
      • Energy and sustainability
      • Enterprise software
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Lifestyle
      • Motoring
      • Public sector
      • Retail and e-commerce
      • Science
      • SMEs and start-ups
      • Social media
      • Talent and leadership
      • Telecoms
    • Events
    • Advertise
    TechCentralTechCentral
    Home » David Glance » Leak shows staggering breadth of CIA ‘hacking’

    Leak shows staggering breadth of CIA ‘hacking’

    By David Glance8 March 2017
    Twitter LinkedIn Facebook WhatsApp Email Telegram Copy Link
    News Alerts
    WhatsApp

    WikiLeaks has released what it claims is the largest leak of intelligence documents in history. It contains 8 761 documents from the CIA detailing some of its hacking arsenal.

    The release, code-named “Vault 7” by WikiLeaks, covers documents from 2013 to 2016 obtained from the CIA’s Centre for Cyber Intelligence. They cover information about the CIA’s operations as well as code and other details of its hacking tools including “malware, viruses, trojans, weaponised ‘zero day’ exploits” and “malware remote control systems”.

    One attack detailed by WikiLeaks turns a Samsung Smart TV into a listening device, fooling the owner to believe the device is switched off using a “fake-off” mode.

    The CIA apparently was also looking at infecting vehicle control systems as a way of potentially enabling “undetectable assassinations”, according to WikiLeaks.

    One of the greatest focus areas of the hacking tools was getting access to both Apple and Android phones and tablets using “zero-day” exploits. These are vulnerabilities that are unknown to the vendor, and have yet to be patched.

    This would allow the CIA to remotely infect a phone and listen in or capture information from the screen, including what a user was typing for example.

    This, and other techniques, would allow the CIA to bypass the security in apps like WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by collecting the messages before they had been encrypted.

    If it is true that the CIA is exploiting zero-day vulnerabilities, then it may be in contravention of an Obama administration policy from 2014 that made it government policy to disclose any zero-day exploits it discovered, unless there was a “a clear national security or law enforcement” reason to keep them secret.

    Another potentially alarming revelation is the alleged existence of a group within the CIA called Umbrage that collects malware developed by other groups and governments around the world. It can then use this malware, or its “fingerprint”, to conduct attacks and direct suspicion elsewhere.

    According to WikiLeaks, this is only the first part of the leak, titled “Year Zero”, with more to come.

    WikiLeaks’s press release gives an overview on the range of the hacking tools and software, and the organisational structure of the groups responsible for producing them.

    WikiLeaks hasn’t released any code, saying that it has avoided “the distribution of ‘armed’ cyberweapons until a consensus emerges on the technical and political nature of the CIA’s programme and how such ‘weapons’ should [be] analysed, disarmed and published”.

    WikiLeaks founder Julian Assange made a statement warning of the proliferation risk posted by cyberweapons: “There is an extreme proliferation risk in the development of cyber ‘weapons’. Comparisons can be drawn between the uncontrolled proliferation of such ‘weapons’, which results from the inability to contain them combined with their high market value, and the global arms trade. But the significance of ‘Year Zero’ goes well beyond the choice between cyberwar and cyber peace. The disclosure is also exceptional from a political, legal and forensic perspective.”

    There hasn’t been time for there to be any validation that what WikiLeaks has published is actually from the CIA. But given the scale of the leak, it seems likely to be the case.

    WikiLeaks has indicated that its “source” wants there to be a public debate about the nature of the CIA’s operations and the fact that it had, in effect, created its “own NSA” with less accountability regarding its actions and budgets.

    Julian Assange

    This release of documents from the CIA follows on from a much smaller release of some of the NSA’s “cyberweapons” last year. In that case, the hackers, calling themselves the “Shadow Brokers”, tried to sell the information that they had stolen.

    At the time, it was thought that this hack was likely to be the work of an insider but could have also been the work of the Russian secret services as part of a general cyber campaign aimed at disrupting the US elections.

    This release also follows the release of NSA documents by Edward Snowden in 2013.

    While WikiLeaks may have a point in trying to engender a debate around the development, hoarding and proliferation of cyberweapons of this type, it is also running a very real risk of itself acting as a vector for their dissemination. It is not known how securely this information is stored by WikiLeaks or who has access to it, nor how WikiLeaks intends to publish the software itself.
    WikiLeaks has redacted a large amount of information from the documents — 70 875 redactions in total — including the names of CIA employees, contractors, targets and tens of thousands of IP addresses of possible targets and CIA servers.

    Damage done

    The damage that this release is likely to do to the CIA and its operations is likely to be substantial. WikiLeaks has stated that this leak is the first of several.

    How the CIA chooses to respond is yet to be seen, but it is likely to have made Julian Assange’s chance of freedom outside the walls of the Ecuadorian Embassy even less likely than it already was.

    The fact that the CIA would have an arsenal of this type or be engaging in cyberespionage is hardly a revelation. WikiLeak’s attempts to make the fact that the CIA was involved in this activity a topic of debate will be difficult simply because this is not surprising, nor is it news.

    The fact that an insider leaked this information is more of an issue, as is the possibility of it being another example of a foreign state using WikiLeaks to undermine and discredit the US secret services.

    US intelligence officials have declined to comment on the disclosure by WikiLeaks, in all probability because they would need to analyse what information has actually been posted and assess the resulting damage it may have caused. The Conversation

    • David Glance is director of the UWA Centre for Software Practice, University of Western Australia
    • This article was originally published on The Conversation


    CIA David Glance Julian Assange NSA WikiLeaks
    Subscribe to TechCentral Subscribe to TechCentral
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email Copy Link
    Previous Article‘Spying TV’ claims add to Samsung’s troubles
    Next Article Treasury won’t break law on welfare deal: ANC

    Related Posts

    Julian Assange to be freed in US plea deal

    25 June 2024

    NSA chief accuses China of ‘very aggressive’ hacking strategy

    31 May 2024

    Julian Assange faces his moment of reckoning

    20 February 2024
    Company News

    Banking on LEO: Q-KON transforms financial services connectivity

    14 July 2025

    The future of business calling: Voys brings your landline to the cloud

    14 July 2025

    How digital twins and AI are shaping the future of security

    14 July 2025
    Opinion

    In defence of equity alternatives for BEE

    30 June 2025

    E-commerce in ICT distribution: enabler or disruptor?

    30 June 2025

    South Africa pioneered drone laws a decade ago – now it must catch up

    17 June 2025

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2025 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.