ikiLeaks Vault 7 Releases CIA Documents Showing How Agency Obscures Hacking Origins

John McAfee views on WikiLeaks Vault 7 Releases

WikiLeaks Vault 7 proves CIA equates to Crooks In Action

Today, September 7th 2017, WikiLeaks publishes four secret documents from the Protego project of the CIA, along with 37 related documents (proprietary hardware/software manuals from Microchip Technology Inc.). The project was maintained between 2014 and 2015.

Protego is not the “usual” malware development project like all previous publications by WikiLeaks in the Vault7 series. Indeed there is no explicit indication why it is part of the project repositories of the CIA/EDG at all.

The Protego project is a PIC-based missile control system that was developed by Raytheon. The documents indicate that the system is installed on-board a Pratt & Whitney aircraft (PWA) equipped with missile launch systems (air-to-air and/or air-to-ground).

Protego consists of separate micro-controller units that exchange data and signals over encrypted and authenticated channels:

» On-board TWA are the ‘Master Processor’ (MP) and the ‘Deployment Box’. Both systems are layed-out with master/slave redundancy.

» The missle system has micro-controllers for the missle itself (‘Missle Smart Switch’, MSS), the tube (‘Tube Smart Switch’, TSS) and the collar (which holds the missile before and at launch time).

Wikileaks

WASHINGTON — In what appears to be the largest leak of C.I.A documents in history, WikiLeaks released on Tuesday thousands of pages describing sophisticated software tools and techniques used by the agency to break into smartphones, computers and even Internet-connected televisions.

The documents amount to a detailed, highly technical catalog of tools. They include instructions for compromising a wide range of common computer tools for use in spying: the online calling service Skype; Wi-Fi networks; documents in PDF format; and even commercial antivirus programs of the kind used by millions of people to protect their computers.

A program called Wrecking Crew explains how to crash a targeted computer, and another tells how to steal passwords using the autocomplete function on Internet Explorer. Other programs were called CrunchyLimeSkies, ElderPiggy, AngerQuake and McNugget.

The document dump was the latest coup for the antisecrecy organization and a serious blow to the C.I.A., which uses its hacking abilities to carry out espionage against foreign targets. New York Times

Malware and hacking tools that mirror one detailed in purported Central Intelligence Agency (CIA) Vault 7 documents released by WikiLeaks have been used in numerous cyberattacks in recent years, according to cyber security firm Symantec.

The tools have been used primarily by a group Symantec identified as Longhorn. The collective has been active since at least 2011 and has been tied to attacks against 40 targets in 16 different countries.

Read: WikiLeaks Vault 7, Year Zero: CIA Can Hack iOS, Android Devices, Access Encrypted Messaging Apps Like WhatsApp, Alleged Documents Say

Symantec claims it has been tracking the group for three years, keeping a close eye on its behavior in order to protect against similar attacks. Since the release of CIA documents by WikiLeaks as a part of its Vault 7 series, the security firm has been able to match the technical documentation from supposed CIA hacks to those performed by Longhorn.

According to Symantec, the Longhorn group has used some of the same cryptographic protocols identified in the Vault 7 documents. The group also used tactics for avoiding detection that were similar to ones in the leaks. Ibtimes

When WikiLeaks yesterday released a trove of documents purporting to show how the CIA hacks everything from smartphones to PCs to smart televisions, the agency’s already shadowy reputation gained a new dimension. But if you’re an average American, rather than Edward Snowden or an ISIS jihadi, the real danger clarified by that leak wasn’t that someone in Langley is watching you through your hotel room’s TV. It’s the rest of the hacker world that the CIA has inadvertently empowered.

As security researchers and policy analysts dig through the latest WikiLeaks documents, the sheer number of hacking tools the CIA has apparently hoarded for exploiting zero-day vulnerabilities—secret inroads that tech firms haven’t patched—stands out most. If the US intelligence community knows about them, that leaves open the possibility that criminal and foreign state hackers do as well.

Its broad zero-day stash, then, strongly suggests that the CIA—along with other intelligence agencies—has long allowed Americans to remain vulnerable to those same attacks. Now that those hacking secrets are public, potentially along with enough details to replicate them, the danger of the feds leaving major security flaws unfixed only escalates. https://www.wired.com/2017/03/cias-hacking-hoard-makes-everyone-less-secure/