Am genuinely curious why group who hacked CIA laundering via Wikileaks, rather than a new cutout. Seems likely to undermine their message.
— Pwn All The Things (@pwnallthethings) March 7, 2017
Fred Kaplan writes: Tuesday’s WikiLeaks release exposing thousands of detailed documents on CIA hacking tools is an unbridled attack on U.S. intelligence operations with little or no public benefit. It makes no claim or pretense that the CIA has used these tools to engage in domestic surveillance or any other illegal activity. Most whistleblowers who leak national security secrets take care to avoid revealing where the secrets come from — the “sources and methods” of the intelligence. These documents are about nothing but sources and methods. [Continue reading…]
Reuters reports: A longtime intelligence contractor with expertise in U.S. hacking tools told Reuters the documents included correct “cover” terms describing active cyber programs.
“People on both sides of the river are furious,” he said, referring to the CIA and the eavesdropping National Security Agency based in Fort Meade, Maryland. “This is not a Snowden-type situation. This was taken over a long term and handed over to WikiLeaks.” [Continue reading…]
In a press release, Wikileaks said: Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.
Names, email addresses and external IP addresses have been redacted in the released pages (70,875 redactions in total) until further analysis is complete. [Continue reading…]
The Atlantic reports: WikiLeaks appears to be shifting its strategy with its latest document dump. In the past, it has let the public loose on its leaked documents with little more than a few paragraphs of introduction, occasionally building search functions to let users sift through the largest dumps. The CIA leak, on the other hand, came with a detailed press release and analysis of the some key findings from the documents, written in a journalistic style.
Uncharacteristically, WikiLeaks appears to have gone out of its way to redact sensitive information and withhold malicious code from the CIA documents it made public. That’s a slight departure from previous leaks, which were wholly unfiltered. [Continue reading…]
Given that it has become increasingly difficult to differentiate between Wikileaks the organization and Julian Assange the individual, I have my doubts that the massive number of redactions and carefully crafted press release should necessarily be attributed to a shift in strategy on the part of Wikileaks/Assange. This may in fact be the way the leaks were delivered: pre-packaged.
In other words, the leaker(s) were just as concerned about how this information got out as they were with its contents — and that begs the question (as posed by @pwnallthethings): why use Wikileaks?
If, as the source is alleged to claim, the goal here is to generate public debate, why use such a flawed messenger — a messenger widely viewed as operating in the service of the Russian intelligence.
The source’s choice of going through Wikileaks suggests they were opting for a suitably malleable conduit and wanted to reach a target audience that thinks little or cares less about Julian Assange’s agenda.
Journalists are hamstrung (or to put it less kindly, incredibly easy to manipulate) in this situation. The key questions are about the source of leaks and the agenda being pursued, yet these are at this time matters of pure conjecture. The alternative to speculation is to focus on the content and get distracted by smart TV vulnerabilities etc.
Yet the source/Wikileaks is in large part teeing this up for political debate and casting the CIA as a rogue intelligence agency — a narrative that surely plays well inside the White House.
As is often the case, Donald Trump’s current silence is much more telling than his tweets.