From the massive 8,000-page data dump by Wikileaks comes this analysis of the world’s most popular computer anti-virus products. You may have them on your computer.
The CIA hackers make comments about these products, suggesting that US intelligence agencies are all too aware of flaws and backdoors. They have commented on all the major anti-virus products – probably including the one currently “guarding” your cyber infrastructure. Read more here.
The most important thing to remember, however, is that last year the CIA lost control of the majority of its hacking arsenal, including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation.
This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
Right now, we are highly exposed to cyber attacks. Any day now we’re going to hear of trains being turned into missiles, power supplies sabotaged, hospitals releasing sensitive data or killing people through medical hacking. It’s a perfect time for the online armies of our enemies to attack. Anti-virus programs are written quickly and sloppily. They have mistakes that can be exploited. Symantec even came loaded with malware.
Now we know the CIA is involved in spying through household objects. (The Fourth Amendment should prevent it from spying on us, but who knows?)
Here’s an excerpt from the Wikileaks document:
CIA malware targets iPhone, Android, smart TVs
CIA malware and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA’s DDI (Directorate for Digital Innovation). The DDI is one of the five major directorates of the CIA (see this organizational chart of the CIA for more details).
The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide.
The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell’s 1984, but “Weeping Angel”, developed by the CIA’s Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.
The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.
As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.
The CIA’s Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user’s geolocation, audio and text communications as well as covertly activate the phone’s camera and microphone.
Despite iPhone’s minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA’s Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads. CIA’s arsenal includes numerous local and remote “zero days” developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop. The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.
I have been talking for a year about Host Integrity Technology. This is a US-patented solution that prevents all malware from executing (opening) on anything that’s connected to the internet, even computers or items that are air gapped. It’s time the government and our critical infrastructure owners paid attention.