WikiLeaks Vault 7: what you need to know about the alleged CIA hacking

Update March 9 10:59am PT: The CIA has spoken out against the WikiLeaks document dump, including in a statement sent to TechRadar. 

Like Apple, Google has chimed in with a statement on the security of its products, saying it's "confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities." 

Finally, WikiLeaks founder Julian Assange said on March 9 the group would give tech companies exclusive access to the information it has in hand, allowing them to gather more details on the CIA's hacking methods. This would let tech firms "develop fixes" before WikiLeaks releases the information to the general public. Assange says some tech companies have asked for details on the CIA's techniques, according to USA Today.

Read on for more...

Surprise, everyone, the US Central Intelligence Agency (CIA) allegedly has the means to hack everyday electronics. 

The revelation comes from WikiLeaks, which has released thousands of purported CIA “Vault 7” files pertaining to hacking tools the agency could use to spy on targets, tools that include various malware, trojans, and even remote control systems.

With a trove of data released in one fell swoop, just as many questions have arisen, including what devices the CIA could allegedly access and how this might have happened. We’ve put together this guide to get you up to speed on the WikiLeaks Vault 7 document dump.

What is Vault 7?

The basic gist is this: WikiLeaks, the organization headed by Julian Assange and known for leaking thousands of documents about various topics - including details about the inner workings of Scientology and Afghan war logs - has struck once again with details on alleged CIA tools that could be used to conduct mass spying programs. The documents cover CIA activity from 2013 through 2016.

Officially, the CIA cannot legally use those tools against US citizens, however the agency could use them against non-US citizens. And as we saw with the Edward Snowden leaks, just because spying on citizens is illegal, this doesn’t mean it's not happening.

“Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized ‘zero day’ exploits, malware remote control systems and associated documentation,” explain the documents.

The CIA allegedly has a range of tools at its disposal that could easily be used in spying programs. And as we know from the Edward Snowden NSA leaks, the subjects of spying could be either guilty of wrongdoing, or completely innocent.

Is this information authentic?

It’s important to highlight that the leaked documents so far have not been verified. The CIA has not yet issued a statement about the leak, and at the time of publication, the agency hadn't returned our request for comment on the issue.

Still, a source for the Wall Street Journal has said the leaks are legitimate, and even Snowden has weighed in to say that he believes the data is authentic.

There is certainly questionable timing to the release. WikiLeaks assures that it published the documents as soon as its “verification and analysis” were ready, however the leaks also come at a time when President Donald Trump has spoken out against the intelligence community over other leaks that suggest campaign officials spoke to Russian intelligence officials in the months before the election. 

As Engadget notes, intentional or not, the new data steers attention towards the CIA and away from what the organization may have learned about the Trump campaign. None of this is to say that we think the documents are a fabrication - on the contrary, it’s looking more and more like they are authentic. It is, however, important to note there is evidence enough to be suspicious of them.

What devices were allegedly hacked?

Politics aside, if the documents are legit, the CIA was able to access a number of devices in its surveillance efforts, many of which you probably own or are familiar with. We've included tips on how to shore up security on these devices as well. 

Samsung Smart TVs

Perhaps the most interesting revelation is the CIA’s alleged use of smart TVs for spying. 

In a document called “Weeping Angel,” the CIA is described as using a “fake-off mode,” which essentially causes a TV’s screen to look like it’s turned off when in reality it is still on and recording audio in the room. The document even goes a step further and describes how the hack could be improved, including capturing video, too.

Unfortunately, there’s not much you can do about your smart TV being used to spy if you want to retain its full use. If, however, you’re fine with doing away with voice control in return for increased privacy, you can disable the microphone in your TV’s settings. It’s important to note that you should also check the permissions for individual apps, and ensure that none of them relate to the microphone.

iPhones and Android phones

On top of Samsung TVs, the CIA has also purportedly tapped into smartphones.

The agency reportedly developed as many as 24 zero day exploits for Android and an undisclosed number of iPhone exploits. A “zero day” exploit takes advantage of a bug in a device that the original manufacturer isn’t aware is there, which means no fix for it has been released yet.

In most cases, this equates to a small glitch in one of the millions of lines of code housed in a handset. The glitch can be manipulated by hackers, however, including the CIA. 

Apple spoke up on March 7 to say most of the vulnerabilities described in the Vault 7 data dump were patched in the newest version of iOS. Here's the company's full statement, provided to TechCrunch by an Apple spokesperson:

"Apple is deeply committed to safeguarding our customers’ privacy and security. The technology built into today’s iPhone represents the best data security available to consumers, and we’re constantly working to keep it that way. 

Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80% of users running the latest version of our operating system. While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities. We always urge customers to download the latest iOS to make sure they have the most recent security updates."

Google also spoke up on March 9, noting in a statement to Recode that its security updates and protections for Chrome and Android should shield users from the alleged vulnerabilities outlined in the documents: 

"As we’ve reviewed the documents, we're confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities," Heather Adkins, Google's director of information security and privacy said. 

"Our analysis is ongoing and we will implement any further necessary protections. We've always made security a top priority and we continue to invest in our defenses."

A big part of the leak was the news that the CIA could look at messages from encrypted messaging services like WhatsApp, Telegram and Weibo. However, it’s important to note that it does not appear as though the agency has hacked those specific apps, but rather the underlying operating system that the apps run on. Once the operating system is compromised, messages can be read on the device itself, so the apps' encryption does not need to be broken.

Many device manufacturers offer rewards to developers who find zero day exploits, so the best thing for your phone may just be to ensure that it always has the latest update.

Windows, OS X and Linux devices

According to the documents, the CIA has also put substantial effort into infecting and controlling Windows, OS X, and Linux-based computers. 

Not only does it use zero day exploits on those computers, but it has also developed malware that can infect CDs and DVDs, write itself onto USB drives, and hide in covert disk areas to avoid detection.

There’s unfortunately not much that can be done about these exploits, however it’s generally a good idea to download and use antivirus software like AVG, and ensure that it always has the latest update.

Connected cars

According to the documents, the CIA has even put research into how it can infect the computers inside internet-connected cars. 

This stems from a 2014 meeting of the CIA’s Embedded Development Branch, which is apparently a sector of the agency that handles hacking into electronic devices to turn them into covert microphones. Not only that, but WikiLeaks notes that the ability to hack into connected cars would enable the CIA to use the cars for “undetectable assassinations.”

There’s almost nothing that can be done about this. If your car gets software updates, ensure that it always has the latest one.

CIA's response

After initially staying quiet, the CIA has issued a few statements on the WikiLeaks data dump. 

The first landed March 8 via NBC Nightly News on Twitter. The agency said it had "no comment on the authenticity of purported intelligence documents released by WikiLeaks or on the status of any investigation into the source of the documents." 

While that may have sufficed, the agency went on to make "several critical points" about its role as an intelligence agency, what it can and cannot do as far as electronic surveillance, and a warning against WikiLeaks' actions.

CIA spokesperson Jonathan Liu also provided a statement to TechRadar on March 9:

"As we’ve said previously, Julian Assange is not exactly a bastion of truth and integrity," Liu said. "Despite the efforts of Assange and his ilk, CIA continues to aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states and other adversaries."

Liu also said the CIA's earlier statement still stands.

What now?

The documents uncovered by WikiLeaks, if accurate, will undoubtedly be studied over the next few weeks and months, and we’ll likely hear more details about the CIA’s alleged spying when that information becomes available. 

As for keeping your devices secure - or as secure as they can be - try to update your electronics frequently and use antivirus software to avoid any malware that can be detected. Last but not least, stay informed, keeping an eye on information that’s released about the documents in the coming days and weeks.

Michelle Fitzsimmons contributed to this report

Christian is a writer who's covered technology for many years, for sites including Tom's Guide, Android Central, iMore, CNN, Business Insider and BGR, as well as TechRadar.