WikiLeaks Vault 7: CIA Has Capability To Misdirect Hack Attributions To Russia
The WikiLeaks Vault 7 drop not only revealed the far-reaching scope of the CIA’s ability to spy on the American public via televisions, cell phones, computer, and even vehicles, but also showcased the agency’s ability to misdirect hacks to uninvolved parties through stolen malware. One such mentioned party was the Russian Federation, a country that has been at the center of a variety of election hacking claims by the very agency that presumably had the capability to create the purported “fingerprints” and hack techniques being cited as “evidence” that Russia was involved in the damning DNC hack prior to the November elections. What does the WikiLeaks Vault 7 documents tell us and are the documents real?
RELEASE: Vault 7 Part 1 “Year Zero”: Inside the CIA’s global hacking force https://t.co/h5wzfrReyy pic.twitter.com/N2lxyHH9jp
— WikiLeaks (@wikileaks) March 7, 2017
The WikiLeaks Vault 7 release was hotly anticipated since the group teased at a new release back in February. While there was much speculation about what the new document drop would contain, many had speculated that it would not prove favorable to the Obama administration. With the documents now available to the public, it appears that the CIA and potentially the Obama administration may have a lot of explaining to do.
The data dump, reportedly from an inside source within the CIA or a contractor with access to the classified information, includes 8,761 documents detailing the extent of the CIA’s mass surveillance and hacking tools. WikiLeaks touts a decade-long history of posting 100 percent true and authenticated documents and there is no evidence that currently exists to prove any WikiLeaks document as a fake. Though many fake WikiLeaks sites have tried to scam the public, WikiLeaks itself has never produced a confirmed falsified document to date.
WikiLeaks has a perfect decade long record for accurate vetting. That is why no one challeges the #PodestaFiles, including the White House.
— WikiLeaks (@wikileaks) October 8, 2016
Therefore, the authenticity of the Vault 7 data drop is likely not to be questioned, but for the skeptics, the information has also been validated by Edward Snowden. In a tweet shortly after the document dump, Snowden tweeted that the documents appear real and that only a “cleared insider” could know the program and office names in the series.
What makes this look real?
Program & office names, such as the JQJ (IOC) crypt series, are real. Only a cleared insider could know them.
— Edward Snowden (@Snowden) March 7, 2017
With authenticity likely not in question, the conversation is now revolving around what the data means to the American public. Some of the startling details in the CIA hacking and surveillance arsenal included programs that would allow the CIA to gain access to Samsung Smart TVs to use the television as a bugging device, giving the CIA the capability to listen in to conversations happening in the room. The documents also showcased the ability of the CIA to hack into vehicles’ systems and potentially control vehicles which would, according to the Express, “permit the CIA to engage in nearly undetectable assassinations.”
Despite the obvious surveillance concerns, others pointed out a program from the CIA’s Remote Devices Branch’s UMBRAGE group that focused on collecting and maintaining a catalog of attack techniques used by other parties such as the Russian Federation. This catalog would allow the CIA to increase the number of the cyber attacks while misdirecting attribution on another group, such as Russia, by copying the notable “fingerprints” of the hackers.
“The CIA’s Remote Devices Branch’s UMBRAGE group collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation. With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the “fingerprints” of the groups that the attack techniques were stolen from.”
With the new information that the CIA could perfectly imitate the fingerprints of a Russian Federation hack, will U.S. intelligence agencies need to provide more proof than just “digital fingerprints” in the case of Russian involvement in the U.S. elections? Does the Vault 7 document dump create a real problem for those charged with investigating Russian hacking claims with an increased burden of proof?
[Featured Image by Markus Schreiber/AP Images]