Last week, WikiLeaks published the biggest and the most scandalous collection of files and documents it has ever leaked. The leak shows that the CIA is capable of hacking almost any smart device, regardless of its operating system
Last Tuesday, WikiLeaks published a treasure trove of data on the internet, exposing information about the CIA's arsenal of hacking tools. The release was code-named "Year Zero," which is part of a larger release called "Vault 7."
Apparently, techies really love these cryptic names, considering "Year Zero" is just the name of a folder that contains more than 8,500 documents. The files were made available via the BitTorrent protocol in an encrypted archive located somewhere in Dark Web.
For non-techies: If you want to get a hold of some or all of these files, you need to install a BitTorrent application on your computer and search for "Year Zero." Of course, you will also need the password! After entering the password, some server somewhere in the world will allow you to connect, download and decrypt this dossier.
WikiLeaks members obviously needed to play cat-and-mouse with their adversaries, and likewise they were under attack right when they were going to release the password. However, all is done.
The password is out and it has been recorded by millions of users so far, and the files in the "Year Zero" folder have been downloaded millions of times already.
Undeniably, it will take several days or even weeks for journalists, security engineers and WikiLeaks aficionados to sift through the data and discover what is in it. But, after a quick scan, you could tell that this is bigger than anything WikiLeaks has ever done before. It really deserves the name "Snowden 2.0."
Included in this extraordinary release are details of the hacking tools for various devices, from iPhones, Android devices, to Samsung TVs, that can be exploited to eavesdrop on people. Not only these, routers, and computers using Linux, MacOS, and Windows operating systems are not safe either.
These hacking tools are called "Zero Day" exploits, because the manufacturers (Apple, Google, Samsung, etc.) of the equipment were not aware of them, and have not yet device solutions to stop the attacks.
So, this gives way to the question, who has developed these attack tools, or more appropriately, who has paid hackers to develop these tools?
WikiLeaks claims that the Center for Cyber Intelligence (CCI) of the CIA has produced thousands of weaponized pieces of malware, Trojans, viruses and other tools. This division of the CIA is also known as "CIA's hacking division."
WikiLeaks also said that the CIA has tools to bypass or circumvent encryption mechanisms employed by popular instant messenger apps like Signal, Confide, WhatsApp (used by more than a billion people!), and Telegram.
Several journalists worked - probably without sleep - 48 hours following the release and discovered that several hacking tools were being described, but, alarmingly, this is believed to be only the tip of the iceberg.
The files contain hacking software to break into Android and iPhone handsets, and many hundreds of client computers running Windows, MacOS and Linux.
Popular apps such as Signal, Telegram and WhatsApp are entirely insecure due to these tools. Since the tools break into the operating system of the computer or the phone, all security measures are useless. The attacker can directly read the data before it is encrypted by the app.
One of the most shocking hacking software was described in a document named "Weeping Angel." It enables hackers to install a special software that allows TVs to be turned into listening devices. Even if the TV is seemingly turned off, it is actually on.
Some documents describe hacking tools to remotely control, enable or disable certain brands and models of cars, this ability obviously means more than a cyber-attack. It is a cyber-physical attack, aiming to cause physical or bodily damage.
Some documents show that there were software bugs in the biggest consumer electronics in the world, including phones and computers made by tech giants like Apple, Google and Microsoft. However, these companies were not aware of these bugs, and CIA was intentionally keeping the bugs secret.
There are still many thousands of unread documents as less than one-third of the 8,378 pages of files have been sorted and read so far. Furthermore, this is just the "Year Zero" folder and the "Vault 7" apparently contains much more, but WikiLeaks have not made it available yet. Julian Assange said "Year Zero" was just the beginning.
These leaks have worried everyone, citizens, privacy lawyers and manufacturers alike. Apple, Microsoft and Samsung made brief statements saying "they were working on it."
Meanwhile, the Electronic Frontiers Foundation, an international non-profit digital rights group based in San Francisco, California, said that the CIA appears to have failed to accurately assess the risk of not disclosing vulnerabilities to responsible vendors.
As these leaks show, we were left vulnerable by the CIA's decision to keep news of these back-doors secret and even worse, exploit them.
Keep up to date with what’s happening in Turkey,
it’s region and the world.
You can unsubscribe at any time. By signing up you are agreeing to our Terms of Use and Privacy Policy.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.