WikiLeaks have reportedly made yet another chilling discovery regarding the US intelligence community’s level of access into the nation's common household devices.
According to a leaked document from 2010, the Central Intelligence Agency (CIA) has allegedly been able to gain access to US citizens’ web browsing history as well as scan email addresses and phone numbers through insecurities in everyday office and in-home wireless routers via several previously-unknown tools.
The CIA reportedly deployed one such protocol known as CherryBlossom on various consumer-grade wireless routers by 2012 in the US. The document details that routers were targeted due to being hubs for transmitting and receiving data while also being relatively lax in security.
- This is the best gaming mouse to go with your next router
The program would require the agency to develop firmware implants needed to employ its exploits. Reportedly, the CIA issued such implants for about 25 different routers from 10 different manufacturers, like Asus, Linksys and Netgear among others, come mid-2012.
This story follows a recent report of device LEDs, particularly on routers, proving to be especially easy to compromise. While unrelated, both cases highlight potentially massive holes in the security of most consumer-grade wireless routers.
It’s currently unclear as to whether these CherryBlossom implants are still operating within however many routers have been allegedly affected. It’s also unknown whether they’re still active or whether the device makers in question were aware of this practice.
We’ve contacted several of the named router manufacturers, as well as the CIA’s media relations office, for comment and will update this story should we receive replies.
- These are the top wireless routers we’ve reviewed so far
Via ZDNet
