State Sponsored cyber attacks are not exactly something new but the fresh bout of leaked confidential documents by WikiLeaks have revealed how CIA is snooping around in each and every way possible. With the onset of smart devices and interconnected ecosystem, the leaked document only becomes more relevant. Named “Vault 7”, the leaked documents from WikiLeaks inadvertently points at the possibility that the CIA’s surveillance program has become bigger than they can handle. The documents outlay the techniques for hacking and also reveal a particular instance wherein CIA had joined hands with British Intelligence in order to turn Smart TVs into spying machines, but more on that later.
Why Should it Matter to You?
Well, in all likelihood, you won’t be a ‘Person of Interest’ for the CIA, but the very potent of their surveillance machinery is disturbing. Right from the 2013 Snowden GHCQ hacks, until now, things haven’t changed much at the agencies, be it the CIA or NSA. If you were paranoid about wrapping your heads over new connected technologies right from the beginning, perhaps you were right all along. Also, it’s worth noting that the Vault 7 is the largest intelligence publication in the history.
On the contrary, we also need to realize that CIA is a spying agency and is known to target certain people and device hacking tools that help them do the same. Provided that you don’t have an anti-nationalist propaganda and are not an activist that has interests polar opposite to that of Uncle Sam, the chances are that none of this has affected you, but again in the recent days the “anti-national” has been loosely defined and is polarized into various ideologies.
CIA has targeted iPhones, Android Smartphones, Samsung Smart TV’s and all of this has been possible by exploiting zero-day hacks that plagued the devices. Needless to say, CIA has decided to risk millions of devices out there by not informing the manufacturers of the hacks and instead using the same for its operational benefits. This sets me wondering if CIA can do this by deploying hackers the possibility of hackers doing it for their own needs to be entertained.
Apple, Google, and Microsoft have already flung into action and are fixing the vulnerabilities on a high priority basis. However, the Vault 7 has clearly outlined the capabilities of CIA and the devices that can be turned into snooping monster. Since the details are out in the wild, it’s safe to assume that CIA needs to work from the ground up and revamp their campaign in order to find newer ways to spy on people. Let’s take a close look at all the things that CIA is capable of spying on,
- The shiny new TV with voice activated commands that you boast about for its smartness might actually end up being a dumb device that spies on its owners. The Year Zero, a first part of the series has mentioned “Weeping Angel” a covert spying program that converts Smart TVs into a covert microphone that effectively bugs your room. The ‘Fake Off’ mode is when your TV seems switched off but isn’t and this is when the hackers can intercept your conversations, perhaps this explains why Mark Zuckerberg is paranoid and has stuck a sticker on his laptop’s mic and webcam.
- Here is something that might help you, if you have got a Samsung Smart TV from 2012 or 2013 and update the firmware. Also, look out for the Blue LED at the back of your TV, if you have assumed that the TV is off and the LED is still glowing, something is definitely not right. How to protect yourself from eavesdropping? Simply unplug the TV after use.
- Remember how hackers had managed to remotely kill a Jeep Cherokee on the Highway? Well, maybe CIA was already capable of doing it before the entire world came to know about such a hack. Unlike the 90’s, the cars today are increasingly connected to the internet and are mostly manned by electronic control units and this along with a loophole in the control systems/entertainment units ends up handing over the control of the entire car to the hackers.
- The hackers can control every aspect of your car including climate control, steering, cruise control, wipers, and also the ignition. This is definitely scary and will let CIA engage targets and take them out in an undetected assassination, yes sans Sniper or an Assassin. General Motors is yet to comment on the leak but it’s surprising that they didn’t learn a lesson from the Chrysler hack (the company that manufacturers Jeep Cherokee.) On the contrary, I would also like to mention that automobile manufacturers are isolating their engine control units from entertainment units and this will make breaking in the system a daunting task.
- Computers/laptops or any other form of computing machine has always been susceptible to eavesdropping. Malware has branched into definitive variants like the Ransomware that takes control of users system and holds data for ransom. According to Wikileaks the CIA malware can bypass PGP email encryption on your computer running on Windows, macOS, and Linux. Apparently, this also allows CIA to see what you are doing on the Tor Browser (Bye bye Dark Web?)
- The leaks further presume that even messaging apps like Signal can be intercepted since the CIA is capable of getting complete access to your smartphone. Signal has however refuted the claim and says that Signal cannot be hacked as a standalone app. Contextually speaking, Signal can only be accessed after CIA has control of your entire device. Furthermore, the dumps also reveal that infected phones can be instructed to send the CIA user’s geolocation, audio, SMS and also activate the phone’s camera.
Yes, the new documents clearly establish that CIA has been growing its tentacles when it comes to surveillance and unlike NSA the agency is not exactly tight-lipped about its exploits either. It’s highly unlikely that CIA will initiate a surveillance program to spy on everyone, but yet if you figure out in their lists the agency will probably find a million ways to spy. In the meanwhile we can enforce some rudimentary measures like scotch taping our webcams (or still better try this out), switching off the TV after viewing and disconnecting the connected stuff when not needed.