WikiLeaks says it's released thousands of documents showing secret CIA hacking tools that the agency can use to break into our phones, cars, computers and smart TVs.
WikiLeaks, which has published everything from US diplomatic cables to emails addressed to Hillary Clinton's campaign chairman, posted the alleged CIA documents Tuesday under the name "Vault 7." The documents could potentially reveal the agency's most important hacking techniques used to penetrate systems around the world. CNET is unable to verify whether the documents are real or have been altered.
"We do not comment on the authenticity or content of purported intelligence documents," CIA spokesman Jonathan Liu said in an email.
If the documents are the real deal, the leaks provide a glimpse into just how much access the CIA has into your life -- thanks to the gadgets you carry around all day. The magnitude of the hacking tools is jaw-dropping; the documents suggest the agency was able to break into the underlying operating systems running iPhones, Android phones and Windows and Linux computers.
That means it had access to data stored on the device and even to encrypted messages sent through popular services like WhatsApp, Signal and Telegram. In other cases, the hacks can turn gadgets like a Samsung Smart TV into listening devices, WikiLeaks said.
WikiLeaks has a long track record of releasing top secret government documents, and experts who've started to sift through the material said it appears legitimate, CBS News reported. Yet it's unclear whether these programs are still running and whether they affect the latest versions of each operating system.
If the tools are currently in use, "that has untold value," said Paul Rosenzweig, founder of cybersecurity company Redbranch Consulting and the former deputy assistant secretary for policy at the US Department of Homeland Security. "If Samsung TV is inside Vladimir Putin's home, this is a good thing [for the CIA]."
On the other hand, Rosenzweig said it's unlikely the CIA is the only group that knows about the holes that let these hacking tools crack into phones and other devices. "There's no reason to think these vulnerabilities are not also known to the Chinese, the Russians," he said.
These leaks come after more than a year of debate over government investigators accessing consumer devices. Frustrated at not being able to access encrypted information -- which is scrambled and unreadable without a password -- the government can get around encryption by buying or developing its own hacking tools that unlock devices.
The debate took off when the US Department of Justice sought to require Apple to help it open an encrypted iPhone belonging to one of the San Bernardino shooters. After Apple fought back in court, the FBI said it had obtained another way to access the phone.
If the CIA could break into a phone's operating system, it wouldn't have to break the encryption; it would simply gain the same access to messages and data that regular users would have when unlocking a phone or computer.
White House Press Secretary Sean Spicer declined to comment on the leaks.
Google and Motorola declined to comment on WikiLeaks' claims. Samsung said it was investigating the CIA's hacking tools.
"Protecting consumers' privacy and the security of our devices is a top priority at Samsung. We are aware of the report in question and are urgently looking into the matter," Samsung said in a statement.
Apple said late Tuesday that it had already addressed many issues described in the documents released by WikiLeaks.
"While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities," Apple said in a statement. "We always urge customers to download the latest iOS to make sure they have the most recent security updates."
For LG, the episode underscores the need for strong product security.
"Digital privacy isn't just an LG concern, it's an industry-wide issue that needs to be tackled by everyone who has a stake in the system, which is why we are completely committed to working with other industry players to make sure that consumers are protected to the fullest extent that today's technology will allow," LG said in a statement.
"We're aware of the report and are looking into it," a Microsoft spokesman said in an email.
Who can you trust?
Alex Rice, an executive at HackerOne who focuses on helping tech companies find and fix bugs in their systems, said the revelations will likely further strain the relationship between tech companies and the US government. Why? They make it harder for regular people to trust their devices, which is bad for the tech companies' bottom lines.
"The US economy relies significantly on the trust of its consumers, and if consumers can't trust US-made tech products, this harms competitiveness," Rice said in an email.
Signal said the takeaway from the WikiLeaks documents isn't about messaging apps.
"The CIA-WikiLeaks story today is about getting malware onto phones, none of the exploits are in Signal or break Signal Protocol encryption," said Moxie Marlinspike, the founder of Signal. "This story isn't about Signal or WhatsApp, but to the extent that it is, we see it as confirmation that what we're doing is working."
Telegram said on its website that the problem lies with operating systems, not encrypted messaging apps, and that naming specific encrypted services is "misleading." WhatsApp declined to comment.
Edward Snowden, the former NSA contractor who leaked documents detailing NSA spy programs to journalists in 2013, wrote about the WikiLeaks documents Tuesday on Twitter. He said hacking the operating system is actually "worse" than hacking encrypted messaging services like WhatsApp.
Pokemon and hoarding
The hacking tools described by WikiLeaks go beyond merely opening encrypted devices. The WikiLeaks press release says the documents show the CIA developed tools to turn smart TVs into listening devices with a tool called "Weeping Angel" and sought to find ways to hack the control systems in internet-connected cars.
Like something out of a spy movie, other colorful code names include "Brutal Kangaroo," a system to hide data images, and "Hammer Drill," which infects software distributed on CDs or DVDs. Other code names include references to Pokemon.
The documents describe a vast CIA hacking operation covertly based in the US consulate in Frankfurt and covering Europe, the Middle East and Africa. The documents include instructions to help officers on temporary duty get through German immigration easily and get euros, and a reminder not to leave electronics or sensitive items unattended in hotel rooms.
"Paranoid, yes," the document reads, "but better safe than sorry."
WikiLeaks said the CIA had also "hoarded" vulnerabilities in the software run by tech giants like Apple and Microsoft, staying quiet about exploits so the agency could retain backdoor access.
The leaks came from a high-security CIA network in Langley, Virginia, according to WikiLeaks. The US spy agency appears to have targeted computers, phones and smart TVs, according to CBS News.
In a tweet, WikiLeaks said that the CIA showed "negligence" in not protecting the information WikiLeaks was publishing.
Ed McAndrew, a former federal cybercrime prosecutor who now practices privacy law at Ballard Spahr, said that if the leaked hacking tools have found their way to groups other than WikiLeaks, that could leave everyone vulnerable to them.
"Once this stuff is released into the wild of the internet, there's no getting it back," McAndrew said. "It's pretty stunning, if legitimate, that this type of trove could be stolen and disseminated."
First published March 7, 2017 at 10:04 a.m. PT
Updates, 10:59 a.m. PT: Added comment from Microsoft and from Edward Snowden, along with background information, and noted that WhatsApp declined to comment. 11:32 a.m.: Noted that Motorola declined to comment and that Open Whisper Systems didn't respond to requests for comment, and added comment from Telegram and more details from the leaks. 1:01 p.m.: Added comment from Open Whisper Systems and additional background. 1:13 p.m.: Added details from leaks about CIA operations in Frankfurt. 1:42 p.m.: Added comments from cybersecurity and law experts. 7:05 p.m.: Added Apple comment. 8:30 p.m.: Added LG comment.
Update, March 8 at 9:46 a.m. PT: Added Samsung comment.