What we know about WikiLeaks' claims about CIA hacking

The website claims they have several hundred million lines of code from the CIA's hacking arsenal that includes damaging information.

WikiLeaks, known for its high-profile releases of confidential government documents, has published a trove of documents it says exposes the U.S. Central Intelligence Agency's hacking operations.

USA TODAY has not yet been able to confirm the authenticity of the documents. The CIA did not immediately return a call for comment.

Here's what we know so far.

What do the documents claim to reveal?

WikiLeaks says the documents detail the size and scope of the CIA's hacking capabilities. The agency's hacking division had more than 5,000 users and produced more than a thousand trojans, viruses and "weaponized" malware, WikiLeaks said in a statement on its website.

The hacking program detailed in the documents had the ability to tap into iPhones, Google Android phones, Microsoft Windows operating systems and even Samsung smart televisions, which can act as microphones. WikiLeaks said the agency could place smart TVs into "fake-off" mode, which allowed the agency to record conversations when the TV was seemingly off. The information, WikiLeaks said, would then be sent to "a covert CIA server."

"The CIA had created, in effect, its 'own NSA' with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified," said WikiLeaks in a statement on its website.

What is WikiLeaks?

WikiLeaks is a multi-national media organization and associated library, according to its website. It was founded by its publisher Julian Assange in 2006. Assange has been holed up in the Ecuadorian embassy in London since 2012 to avoid extradition to Sweden, where he has been accused of sexual assault, and the United States, where he fears possible espionage charges.

WikiLeaks has conducted a global crusade to expose government secrets through a series of controversial and sometimes embarrassing document dumps in recent years. One led to the imprisonment of Chelsea Manning, who has spent six years behind bars for leaking hundreds of thousands of classified documents through the WikiLeaks website.

This new data dump. Is it all true?

USA TODAY hasn't yet been able to verify the documents, which were released Tuesday. The CIA declined to comment on the authenticity of the documents.

How many documents are there?

WikiLeaks said it has published thousands of documents, which it said is "the largest ever publication of confidential documents on the (CIA)."

How did WikiLeaks get the documents?

WikiLeaks did not unveil its source. However, the organization did say the CIA Center for Cyber Intelligence "lost control of the majority of its hacking arsenal," which provided "the entire hacking capacity of the CIA."

Will there be an investigation?

California Congressman Ted Lieu quickly called for an investigation by Congress in the wake of the release.

"The potential privacy concerns are mind-boggling," Lieu said. "We need to know if the CIA lost control of its hacking tools, who may have those tools, and how do we now protect the privacy of Americans."

What do security experts think?

Jake Williams of the Rendition Infosec security firm said hackers, and those who combat them, will put the documents to use in the coming days or weeks.

"This is a treasure trove of information," Williams said. "We are regularly dealing with corporations being attacked by nation-state hacking groups. This gives us a lot of insight into how they do it."

Scott Vernick of the law firm Fox Rothschild said if it's true, "then at a minimum this is Snowden 2.0," referring to the former government contractor Edward Snowden, who leaked details of U.S. surveillance programs to news outlets.

"You're talking about an extensive hacking and malware program by the most powerful and largest intelligence-gathering organization in the world, one that's purportedly lost control over the arsenal," said Vernick, who specializes in data security and privacy.

Pop culture references

The documents showed CIA developers' penchant for pop culture. They named programs and techniques after the television series Doctor Who as well as the films Talladega Nights and Fight Club.

The documents revealed the "fake-off" smart TV technique was named "Weeping Angel," a nod to a recurring group of villains in Doctor Who. An implant for computers running Microsoft Windows went by the name "RickyBobby," the character played by Will Ferrell in the 2006 film Talladega Nights. Fight Club was the name for a trojan spread by thumb drives.

Follow Sean Rossman on Twitter: @SeanRossman

John Bacon, Elizabeth Weise and Nick Penzenstadler contributed to this article.

Copyright USA TODAY


JOIN THE CONVERSATION

To find out more about Facebook commenting please read the
Conversation Guidelines and FAQs

Leave a Comment