WikiLeaks Vault 7: A Few Secrets to know
Two days ago Wikileaks made, what is considered the biggest ever, a release of confidential documents nicknamed "Vault 7". Wikileaks intends to do that in portions, the first portion being called "Year Zero". Those documents cover the CIA global hacking force.
Although it's not new to many that our devices have already been tracked and used to spy us, many people still believe this could be part of the "conspiracy theories". Indeed, that could be possible. But one thing to take into consideration and which is true is that the CIA exists and does function as a secret service. It's, therefore, important to take into consideration some points covered in those document in order to protect or improve your security and the one of your business.
Today more and more people trust technology and invest more in it. If you've ever lost your favorite pictures and documents from an accidental formatting or corruption of a USB stick, you would know how hard that's to bear. Now imagine a whole infrastructure, like your blog, your company's website, your emails, etc. out of your control. Imagine your realize all secret documents and projects from your clients hacked and used against you or used by your competition... That's what it's about.
In the document, it's alleged that the CIA targets iPhone, Android, smart TVs. They can use your phone camera or microphone to tap you incognito. Your smart TV could look off while it's recording your discussions.
The EDG(Engineering Development Group) is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations worldwide. -Wikileaks
Let's take a look at a few secrets revealed in those documents that we can take into consideration in order to improve our vigilance level.
Your Smart TV can be used to record your conversations
In partnership with the United Kingdom, the CIA has attacked Samsung TVs and placed them in a "Fake-Off" mode which makes the victim think their TV is off but it's recording any conversation and sending them to the CIA over the Internet.
- Solution: Avoid serious talks around them. Disconnect it from the Internet. unplug them from the power source.
Likewise your TV, your phones could be used to tape you
On top of recording you, your camera could be turned on at any time, or pictures can be taken. Apple products have more attention in this situation because of they are more used in the political field, business, and diplomatic corp. This is also applied to Google's Android which has the biggest market share.
You car could be remotely controller
One of the CIA projects was to infect vehicles' control systems used by modern cars and trucks. Imagine the consequences.
- Solution: Hard to say
They target Windows, OSx, Linux, routers
Your computers running these Operating Systems can also be infected by the CIA's malware
- Solution: Keep your OS updated in order to get patches from vendors; this will help against "Zero Days" attacks. Be careful of inserting USB sticks into your systems
Applications like Signal, Telegram, and WhatsApp can be insecure
When Operating Systems are compromised, any application under it is also at risk.
The CIA hides holes in applications in order to avoid other agencies to know about it.
Why this might look normal, it's actually a big danger. Let's me explain. Holes are usually left by inadvertence or mistake by software developers. And whenever they are found, the vendor(like Microsoft) would send you a notification to update your copy of the software, you patch your application in that case. But, before that, they need to be aware of the existence of the hole, otherwise, hackers would be exploiting it secretly.
In addition to that Wikileaks gives a example of tools and techniques used by the CIA such as UMBRAGE which is a group in charge of keeping records of attach techniques so that they use a unique attack all the time.
This is just the first part of this Wikileaks' release. And it already contains so much information that it's hard to go through all(8,761 documents and files). Here is the table of content of this part.
We will keep on deeging and sharing with you the little we find.
While Wikileaks team is steal sorting and verifying some of the information before publishing, it's already a lot of agitation and confusion in politics and on the Internet. Our privacy is in doubt. And, Google says it's already fixed some of the exploits