BBC News reports: The head of the CIA Mike Pompeo has described anti-secrecy organisation WikiLeaks as a “non-state hostile intelligence service” that is often abetted by states such as Russia.
Russian military intelligence used Wikileaks to distribute hacked material during the US election, he added.
Earlier this month Wikileaks published details of what it said were CIA hacking tools.
The FBI and CIA have launched a criminal investigation into the leak.
“WikiLeaks walks like a hostile intelligence service and talks like a hostile intelligence service,” Mr Pompeo said, speaking at a Washington think tank.
“It overwhelmingly focuses on the US, while seeking support from anti-democratic countries and organisations,” he added. [Continue reading…]
Business Insider reports: There was much confusion Thursday [3/9] when Nigel Farage was spotted by BuzzFeed leaving the Ecuadorian Embassy in London — the residence of WikiLeaks founder Julian Assange.
Asked why he was there, Farage replied that he couldn’t remember what he was doing in the building, adding, “I never discuss where I go or who I see.”
Emails leaked to Business Insider, however, reveal that UKIP under Farage’s leadership had long-standing links to Assange. [Continue reading…]
Inquisitr reports: The Wikileaks site is at least partly hosted on servers based in Russia — servers that it added just one week before the site released thousands of hacked emails from the account of John Podesta, chairman of the Hillary Clinton presidential campaign, in October of last year according to findings published in an online report on Sunday.
The Podesta emails, while containing no major revelations, revealed members of Clinton’s campaign speaking privately, in frank terms that proved embarrassing and likely damaging to her campaign for president against Donald Trump. United States intelligence agencies, according to a report issued by the Director of National Intelligence in January, concluded that a Russian government-sponsored hacking effort was behind the Podesta leak and other cyber-attacks — which were designed to help throw the election to Donald Trump.
Sunday’s online report, authored by freelance journalist Laurelai Bailey, examined a list of internet IP addresses used by Wikileaks to host its site, which houses numerous large troves of leaked and hacked documents, and found two addresses of servers in Russia and hosted by a company run by an individual named Peter Chayanov.
“Now the actual owner of the IP addresses is a man by the name of Peter Chayanov, whose IP addresses have hosted spammers and hackers, according to my sources, who work in internet backbone companies,” Bailey wrote. “Chayanov’s IP space is a virtual equivalent of a bad neighborhood that makes you lock your car doors when you drive through it. So this further implies a connection to Wikileaks and Russian hackers.”
Patribotics reports: The internet is tightly controlled in Russia. Cyber criminals have to answer to Putin. Mr. Chayanov is the head of a firm called Hostkey, which hosts mail spammers and other malware and hacking tools, despite offering web space to Wikileaks. Wikileaks chose to use a Russian hacker to host their site – and they knew that he was connected to Vladimir Putin and operated with the blessing of Putin’s government.
Putin and Assange are thus already linked.
But it is much worse for Wikileaks – and the internet in general – even than it looks. In order not to bury the lede, I will report what appear to be the conclusions of the web developers and hackers on Twitter discussing Laurelai’s story, and then report on how they appeared to have arrived there.
* Wikileaks has handed Chayanov access to everything stored on its site and servers
* The Russian hacker and spammer can ‘monitor traffic’
* He can tell who is reading anything on the Wikileaks site anywhere in the world
* The Russian hacker has access to all documents that have been sent to Wikileaks
* He can probably bust the anonymity of any computer or user who thought they were anonymously donating to Wikileaks
* It is not reasonable to suggest that this hacker is other than linked with Russia’s GRU – if he has it, they have it
* Through Julian Assange and his website, it appears that the Russian hacker and his government can track any readers of the Wikileaks site and any donors of material to it, thus allowing Russia to ‘blackmail’ anyone who ‘sent secrets’ to Wikileaks as a ‘whistleblower’. [Continue reading…]
The Wall Street Journal reports: Investigators probing who may have provided WikiLeaks with classified information about the Central Intelligence Agency’s purported computer-hacking techniques are zeroing in on a small number of contractors who have worked for the agency and may have been disgruntled over recent job losses, according to people familiar with the investigation.
Authorities on Thursday questioned a handful of contractors working in at least two locations in the Virginia suburbs of Washington, D.C., these people said. Law-enforcement officials said no arrests had been made, but one person familiar with the investigation said it was “rapidly unfolding.”
This person added that a digital trail has pointed authorities, at least initially, to a team of software developers working with the CIA’s Engineering Development Group. The group designs tools that, according to the documents released this week by WikiLeaks, the CIA uses to break into smartphones, personal computers and televisions connected to the internet. The more than 8,000 pages of documents that WikiLeaks disclosed appear to have been taken last December from a server that the Engineering Development Group uses, this person said, and that “only a few contractors would have access to.”
More than a dozen companies work for the CIA on hacking projects, the bulk of them at a facility near Chantilly, Va. It wasn’t clear which companies the people who were questioned worked for. In recent months, there has been talk of “bad blood” in the small world of CIA contractors who are vital to the agency’s hacking projects, the people familiar with the probe said. One group of contractors recently had been working for the CIA overseas and expected to be given new jobs with the agency in the U.S., but their positions were later eliminated, one person said. [Continue reading…]
Zeynep Tufekci writes: On Tuesday morning, WikiLeaks released an enormous cache of documents that it claimed detailed “C.I.A. hacking tools.” Immediately afterward, it posted two startling tweets asserting that “C.I.A. hacker malware” posed a threat to journalists and others who require secure communication by infecting iPhone and Android devices and “bypassing” encrypted message apps such as Signal and WhatsApp.
This appeared to be a bombshell. Signal is considered the gold standard for secure communication. WhatsApp has a billion users. The C.I.A., it seemed, had the capacity to conduct sweeping surveillance on what we had previously assumed were our safest and most private digital conversations.
In their haste to post articles about the release, almost all the leading news organizations took the WikiLeaks tweets at face value. Their initial accounts mentioned Signal, WhatsApp and other encrypted apps by name, and described them as “bypassed” or otherwise compromised by the C.I.A.’s cyberspying tools.
Yet on closer inspection, this turned out to be misleading. Neither Signal nor WhatsApp, for example, appears by name in any of the alleged C.I.A. files in the cache. (Using automated tools to search the whole database, as security researchers subsequently did, turned up no hits.) More important, the hacking methods described in the documents do not, in fact, include the ability to bypass such encrypted apps — at least not in the sense of “bypass” that had seemed so alarming. Indeed, if anything, the C.I.A. documents in the cache confirm the strength of encryption technologies. [Continue reading…]
Andy Greenberg writes: When Wikileaks yesterday released a trove of documents purporting to show how the CIA hacks everything from smartphones to PCs to smart televisions, the agency’s already shadowy reputation gained a new dimension. But if you’re an average American, rather than Edward Snowden or an ISIS jihadi, the real danger clarified by that leak wasn’t that someone in Langley is watching you through your hotel room’s TV. It’s the rest of the hacker world that the CIA has inadvertently empowered.
As security researchers and policy analysts dig through the latest WikiLeaks documents, the sheer number of hacking tools the CIA has apparently hoarded for exploiting zero-day vulnerabilities—secret inroads that tech firms haven’t patched—stands out most. If the US intelligence community knows about them, that leaves open the possibility that criminal and foreign state hackers do as well.
Its broad zero-day stash, then, strongly suggests that the CIA—along with other intelligence agencies—has long allowed Americans to remain vulnerable to those same attacks. Now that those hacking secrets are public, potentially along with enough details to replicate them, the danger of the feds leaving major security flaws unfixed only escalates.
“If the CIA can use it, so can the Russians, or the Chinese or organized crime,” says Kevin Bankston, the director of the New America Foundation’s Open Technology Institute. “The lesson here, first off, is that stockpiling a bunch of vulnerabilities is bad for cybersecurity. And two, it means they’re likely going to get leaked by someone.”
It’s no surprise, of course, that one of America’s most well-resourced spy agencies can hack its foreign adversaries. The shock, says Johns Hopkins cryptographer Matt Green, comes instead from the sudden spill of those hacking tools onto the web. “In the same way the military would probably have one technique for killing every single tank in an enemy’s arsenal, you would expect the CIA to collect the same thing,” says Green. “What’s different is that we’re seeing them out in public.”
In fact, WikiLeaks wrote in a note accompanying its Tuesday release that “the archive appears to have been circulated among former US government hackers and contractors in an unauthorized manner.” That raises the possibility the full document set, along with actual exploit details or code, may have fallen into the hands of hackers long before it was published in part by WikiLeaks. [Continue reading…]
The Intercept reports: Attributing hacking attacks to the correct perpetrators is notoriously difficult. Even the U.S. government, for all its technical resources and expertise, took warranted criticism for trying to pin a high-profile 2014 cyberattack on North Korea, and more recently faced skepticism when it blamed Russia for hacks against top Democrats during the 2016 election.
In those cases, government officials said they based their attribution in part on software tools the hackers employed, which had been used in other cyberattacks linked to North Korea and Russia. But that sort of evidence is not conclusive; hackers have been known to intentionally use or leave behind software and other distinctive material linked to other groups as part of so-called false flag operations intended to falsely implicate other parties. Researchers at Russian digital security firm Kaspersky Lab have documented such cases.
On Tuesday, Wikileaks published a large cache of CIA documents that it said showed the agency had equipped itself to run its own false-flag hacking operations. The documents describe an internal CIA group called UMBRAGE that Wikileaks said was stealing the techniques of other nation-state hackers to trick forensic investigators into falsely attributing CIA attacks to those actors. According to Wikileaks, among those from whom the CIA has stolen techniques is the Russian Federation, suggesting the CIA is conducting attacks to intentionally mislead investigators into attributing them to Vladimir Putin.
“With UMBRAGE and related projects, the CIA can not only increase its total number of attack types, but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from,” Wikileaks writes in a summary of its CIA document dump.
It’s a claim that seems intended to shed doubt on the U.S. government’s attribution of Russia in the DNC hack; the Russian Federation was the only nation specifically named by Wikileaks as a potential victim of misdirected attribution. It’s also a claim that some media outlets have accepted and repeated without question.
“WikiLeaks said there’s an entire department within the CIA whose job it is to ‘misdirect attribution by leaving behind the fingerprints’ of others, such as hackers in Russia,” CNN reported without caveats.
It would be possible to leave such fingerprints if the CIA were re-using unique source code written by other actors to intentionally implicate them in CIA hacks, but the published CIA documents don’t say this. Instead they indicate the UMBRAGE group is doing something much less nefarious.
They say UMBRAGE is borrowing hacking “techniques” developed or used by other actors to use in CIA hacking projects. This is intended to save the CIA time and energy by copying methods already proven successful. If the CIA were actually re-using source code unique to a specific hacking group this could lead forensic investigators to mis-attribute CIA attacks to the original creators of the code. But the documents appear to say the UMBRAGE group is writing snippets of code that mimic the functionality of other hacking tools and placing it in a library for CIA developers to draw on when designing custom CIA tools. [Continue reading…]
But unlike the last breach in August, an American Central Intelligence Agency worker, not Russian hackers, is the most likely source of a new tranche of documents detailing the methods and tools used by the CIA to steal secrets from foreign governments and terror groups — though some experts have seen signs that Russia is working overtime to take advantage of the disclosure.
Tuesday’s document dump, titled “Vault 7, Year Zero” by WikiLeaks, details the capabilities and culture within the CIA’s secretive Center for Cyber Intelligence in Langley, Virginia. The leak portrays a robust, if not unique, computer-intrusion capability inside the CIA, accented by a few James Bond novelties, like special snooping software intended to be carried into an adversary’s lair on a thumb drive, where a CIA asset plugs it into a USB port. Another program, code-named Weeping Angel, turns a Samsung smart TV into a covert listening device.
The leak follows an incident last August when a mysterious group or individual called the Shadow Brokers began publishing hacking tools stockpiled by the NSA’s elite Tailored Access Operations group, including dozens of backdoor programs and 10 exploits. Experts suspected the Shadow Brokers were a shot across the bow by Russia’s intelligence services.
But the CIA leak could be worse for U.S. intelligence, because it includes code from the agency’s malware development frameworks. Using that code, security experts and counterintelligence agents could sniff out a variety of CIA malware. “For the CIA this is huge loss,” said Jake Williams, founder of Rendition Infosec. “For incident responders like me, this is a treasure trove.” [Continue reading…]
CIA's job includes spying on targets who might have various electronics. This is exactly the sort of toolkit you’d expect them to have.
— matt blaze (@mattblaze) March 8, 2017
Julian Sanchez writes: It’s a cliche of political scandals that “the coverup is worse than the crime”: Attempts to conceal misconduct, because they’re easier to prove and provide otherwise elusive evidence of a guilty mind, often end up being more politically damaging than the underlying misconduct would have been. In the case of the latest Wikileaks document dump, the first in a planned series from a cache the site has dubbed “Vault 7,” we have an apparent reversal of the formula: The un-coverup—the fact of the leak itself—is probably more significant than the substance of what has thus far been revealed.
There are, of course, some points of real interest in the archive of documents, mostly concerning an array of hacking tools and software exploits developed or used by the Central Intelligence Agency’s Engineering Development Group — and it’s likely more will emerge as reporters and analysts churn through more than 8,000 files and documents. We’ve confirmed that the CIA has hung onto and exploited at least a handful of undisclosed “zero day” vulnerabilities in widely-used software platforms, including Apple’s iOS and Google’s Android, the operating systems on which nearly all modern smartphones run.
We also learn that — as many of us expected — the obstacles to conventional wiretapping posed by the growing prevalence of encryption have spurred intelligence agencies to hunt for alternative means of collection, which include not only compromising communications endpoints such as smartphones, but also seeking to repurpose networked appliances on the Internet of Things as surveillance devices. The latter goal has even spawned its own research department, the Embedded Development Branch.
Still, in light of what we already knew about the National Security Agency’s own efforts along similar lines, thanks to Edward Snowden’s disclosures about the agency’s Tailored Access Operations division, this is—at least from a policy perspective—not so much revelation as confirmation. Moreover, there’s little here to suggest surveillance that’s either aimed at Americans or indiscriminate, the features that made Snowden’s leaks about NSA surveillance so politically explosive. One of the more widely-reported projects in Vault 7, for instance, has been the Doctor Who-referencing “Weeping Angel” implant, which can turn Samsung televisions into surveillance microphones even when they appear to be turned off. Yet, at least at the time the documentation in the Wikileaks release was written, Weeping Angel appeared to require physical access to be installed—which makes it essentially a fancy and less detectable method of bugging a particular room once a CIA agent has managed to get inside. This is all fascinating to surveillance nerds, to be sure, but without evidence that these tools have been deployed either against inappropriate targets or on a mass scale, it’s not intrinsically all that controversial. Finding clever ways to spy on people is what spy agencies are supposed to do. [Continue reading…]
Wired reports: Of all the revelations to come out of the 9,000-page data dump of CIA hacking tools, one of the most explosive is the possibility that the spy agency can compromise Signal, WhatsApp, and other encrypted chat apps. If you use those apps, let’s be perfectly clear: Nothing in the WikiLeaks docs says the CIA can do that.
A close reading of the descriptions of mobile hacking outlined in the documents released by WikiLeaks shows that the CIA has not yet cracked those invaluable encryption tools. That has done little to prevent confusion on the matter, something WikiLeaks itself contributed to with a carelessly worded tweet:
— WikiLeaks (@wikileaks) March 7, 2017
The end-to-end encryption protocols underpinning these private messaging apps protect all communications as they pass between devices. No one, not even the companies providing the service, can read or see that data while it is in transit. Nothing in the CIA leak disputes that. The underlying software remains every bit as trustworthy now as it was before WikiLeaks released the documents. [Continue reading…]
The Guardian reports: Roger Stone, a former adviser to Donald Trump, wrote on Saturday night that he had a “perfectly legal back channel” to Julian Assange, whose organization WikiLeaks published emails related to Hillary Clinton’s presidential campaign that intelligence agencies say were hacked by Russian intelligence. Stone then deleted the message.
While tweeting his support of the president’s unsubstantiated claims that Barack Obama tried to undermine the Trump campaign, Stone directed a series of angry and abusive messages at a scientist who questioned him.
In one post, later deleted, Stone said he had “never denied perfectly legal back channel to Assange who indeed had the goods on #CrookedHillary”.
He also invited challengers to file libel suits against him, saying: “Bring it! Would enjoy crush u in court and forcing you to eat shit – you stupid ignorant ugly bitch!”
Stone sent similar, profanity-laced messages to other critics of the president, including author JK Rowling, whom he suggested should take refugees and migrants into her own home. Stone then deleted the tweets. [Continue reading…]
The Associated Press reports: As WikiLeaks thrust itself into the heart of America’s electoral contest last year, the group’s chief spokesman tiptoed out of the spotlight, stepping down from his job in a little-noticed move that leaves Julian Assange as the only public face of the radical transparency organization.
So discreet was journalist Kristinn Hrafnsson’s departure as WikiLeaks’ official representative that even in his native Iceland some fellow reporters didn’t know his role had changed. Hrafnsson’s Wikipedia page still describes the 54-year-old as WikiLeaks’ spokesman, and some news outlets still try to reach him for comment when Assange is in the headlines.
“I’m not the WikiLeaks spokesman anymore,” Hrafnsson confirmed in a telephone interview with The Associated Press from Iceland on Tuesday. He said he was still doing work for WikiLeaks — and had chatted with Assange only a few days ago — but had relinquished the role of chief media representative for personal reasons. [Continue reading…]
Christopher Dickey writes: If Vladimir Putin’s keyboard commandos are hoping to hack up French presidential elections the way they did America’s, they are, well, a little off their game. And their more-than-willing tool, Julian Assange, the Australian anarchist who brought us WikiLeaks, appears to be getting a little antsy.
It’s been a week or so since Assange announced he had pirated cables and emails about the three most prominent candidates, but nobody in France paid much—or any—attention. The cables were old, had been well sifted in the past, and there were other much bigger, fresher, and sexier scandals emerging from more conventional sources.
So Russia’s state-subsidized news sites tried to give Assange a boost. Sputnik, straining to write something entertaining about such a non-story, cobbled together a piece on Feb. 2 from various Twitter feeds mocking those who suggested the latest WikiLeaks announcement was part of a Russian democracy-disrupting conspiracy like the alleged one that made U.S. President Donald Trump’s election resemble a bad serialized version of The Manchurian Candidate.
“WikiLeaks vs. French Presidential Hopefuls: Who is the real ‘Kremlin Agent’?” read the headline. The conclusion, of course, none of the above.
But in the days since, it’s begun to look more and more as if Assange, at least, wants rather desperately to sway the elections, which are now three months away, and he’s doing his best to focus his leaks on the candidates most likely to face far-right-wing populist nationalist Marine Le Pen in the final showdown for the French presidency. [Continue reading…]
Callum Borchers writes: For most of the past seven years, Chelsea Manning has been a tailor-made villain for the conservative media. Her disclosure of secret diplomatic and military documents to WikiLeaks allowed folks such as Sean Hannity to do two of their favorite things: remind everyone of how ferociously they support the military and to blame President Obama for something at or beyond the limits of his control.
On his Fox News show in 2010, Hannity declared that Manning “needs to be held accountable” for putting “our brave men and women in the military overseas in danger,” and he wondered: “Why can’t Obama do something about the WikiLeaks?”
Now, though, things are more complicated. Obama commuted Manning’s 35-year sentence Tuesday, which in an orderly universe would have triggered a fresh round of outrage at the president, WikiLeaks and the former Army private, who is transgender and served as Bradley Manning. To be sure, there has been some outrage on the right.
But the twist is that many in the conservative media have been singing a different tune about WikiLeaks ever since the site published hacked emails that reflected poorly on Hillary Clinton and the Democratic Party — and especially since WikiLeaks founder Julian Assange told Hannity in an interview this month that Russia did not supply the emails, bolstering President-elect Donald Trump’s assertion that he did not receive any significant help from the Kremlin during the election. [Continue reading…]
The Hill reports: The attorney for Julian Assange said President Obama’s commutation of Chelsea Manning’s sentence does not meet the conditions of the WikiLeaks head’s offer to be extradited to the United States if Manning were pardoned.
Obama on Tuesday commuted Manning’s sentence for leaking classified information to WikiLeaks, leading many to wonder whether that meant Assange was ready to surrender to the Department of Justice.
“Mr. Assange welcomes the announcement that Ms. Manning’s sentence will be reduced and she will be released in May, but this is well short of what he sought,” said Barry Pollack, Assange’s U.S.-based attorney, via email.
“Mr. Assange had called for Chelsea Manning to receive clemency and be released immediately.” [Continue reading…]
If Obama grants Manning clemency Assange will agree to US extradition despite clear unconstitutionality of DoJ case https://t.co/MZU30SlfGK
— WikiLeaks (@wikileaks) January 12, 2017
Time reports: Five days before President Obama commuted Chelsea Manning’s prison sentence, WikiLeaks tweeted that the group’s editor-in-chief Julian Assange would agree to be extradited to the U.S. if Manning was given clemency.
So far, no word from Assange on whether he intends to fulfill his promise.