A report published yesterday on WikiLeaks dubbed ‘Vault 7’ claims that the CIA and MI5 collaborated to hack into smart phones, Samsung Smart TVs and vehicle control systems, further highlighting the security issues that go hand in hand with IoT devices.
CE Pro Europe reached out to Samsung for a comment: “Protecting consumers’ privacy and the security of our devices is a top priority at Samsung. We are aware of the report in question and are urgently looking into the matter,” said a Samsung spokesperson.
Vault 7 reports that the CIA recently lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponised ‘zero day’ exploits, malware remote control systems and associated documentation. This collection, which reportedly amounts to more than several hundred million lines of code, is said to give its possessor the entire hacking capacity of the CIA.
WikiLeaks says the archive appears to have been circulated among former US government hackers and contractors in an unauthorised manner, one of whom has provided WikiLeaks with portions of the archive.
In particular, Vault 7 states that ‘Year Zero’ introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of ‘zero day’ weaponised exploits against a wide range of US and European company products, including Apple’s iPhone, Google’s Android, Microsoft’s Windows and Samsung TVs, the last of which it reports are turned into covert microphones.
“There is an extreme proliferation risk in the development of cyber ‘weapons’,” says Julian Assange, WikiLeaks editor. “Comparisons can be drawn between the uncontrolled proliferation of such ‘weapons’, which results from the inability to contain them combined with their high market value, and the global arms trade. But the significance of ‘Year Zero’ goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective.”
Weeping Angel And Samsung TVs
The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell’s 1984, but what appears to be crucial is ‘Weeping Angel’, a tool reportedly developed by the CIA’s Embedded Devices Branch (EDB) that infests smart TVs, effectively transforming them into covert microphones.
The report states: “The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.”
The hack reportedly applies only to Samsung televisions from 2012 and 2013 that run outdated firmware versions 1111, 1112, and 1116. The giveaway that a TV has a ‘Fake-Off’ mode is said to be a blue LED on the back of the set that stays on.
These are the Samsung models that could be affected: From 2012: UNES8000F, E8000GF plasma and UNES7550F. From 2013: UNF8000 series, F8500 plasma, UNF7500 series and UNF7000 series.
Cars And Smart Phones
“As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations,” says the report.
Added to that, Vault 7 claims that the CIA’s Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones, reporting that infected phones can be instructed to send the CIA the user’s geolocation, audio and text communications as well as covertly activate the phone’s camera and microphone.
“Despite iPhone’s minority share (14.5%) of the global smart phone market in 2016, a specialised unit in the CIA’s Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads,” the WikiLeaks report continues.
“A similar unit targets Google’s Android which is used to run the majority of the world’s smart phones (~85%) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year. ‘Year Zero’ shows that as of 2016 the CIA had 24 ‘weaponised’ Android ‘zero days’ which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors.”
These techniques are said to permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Weibo, Confide and Cloackman by hacking the smart phones that they run on and collecting audio and message traffic before encryption is applied.
Windows, OS X And Linux
Not stopping there, Vault 7 states that the CIA also runs a very substantial effort to infect and control Microsoft Windows users with its malware. This reportedly includes multiple local and remote weaponised ‘zero days’, air gap jumping viruses such as ‘Hammer Drill’ which infects software distributed on CD/DVDs, infectors for removable media such as USBs, systems to hide data in images or in covert disk areas (‘Brutal Kangaroo’) and to keep its malware infestations going.
“Attacks against Internet infrastructure and webservers are developed by the CIA’s Network Devices Branch (NDB),” says the report. “The CIA has developed automated multi-platform malware attack and control systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB’s ‘HIVE’ and the related ‘Cutthroat’ and ‘Swindle’ tools.”
Obama Initiative Breached
The report states that in the wake of Edward Snowden’s leaks about the NSA, the US technology industry secured a commitment from the Obama administration outlining that the executive would disclose on an ongoing basis — rather than hoard — serious vulnerabilities, exploits, bugs or ‘zero days’ to Apple, Google, Microsoft, and other US-based manufacturers.
However, Vault 7 claims that ‘Year Zero’ documents show that the CIA breached the Obama administration’s commitments.
The report states: “As an example, specific CIA malware revealed in ‘Year Zero’ is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts. The CIA attacks this software by using undisclosed security vulnerabilities (‘zero days’) possessed by the CIA but if the CIA can hack these phones then so can everyone else who has obtained or discovered the vulnerability. As long as the CIA keeps these vulnerabilities concealed from Apple and Google (who make the phones) they will not be fixed, and the phones will remain hackable.”
CE Pro Europe will update this story as it happens.