On March 7, 2017, Wikileaks released a series of files titled Vault 7, which is “the largest ever publication of confidential documents on the agency [C.I.A.]” as described in the official press release. At this point, Vault 7 contains information on C.I.A. hacking and surveillance tools from 2013-2016. However, Wikileaks noted that the C.I.A. has yet to clarify and/or confirm if the hacking tools built allow them to “conduct espionage.”
Part One – Year Zero:
Part one called is Year Zero, which holds 8,000+ files with “hacking tools that could breach almost anything connected to the internet,” the New York Times stated a day after the first release. Year Zero is a large archive–larger than the first three years of Snowden leaks as it contains 7,818 web pages with 943 attachments–that gives the public a glimpse into the “C.I.A.’s global covert hacking program, its malware arsenal” and “weaponized exploits” that can change products like Apple’s iPhone, Google’s Android, Microsoft Windows phones and Samsung TVs into microphones.
Controlling your TV:
Titled Project Weeping Angel, Wikileaks says the C.I.A. has created a “fake-off” mode created for Samsung Smart TVs “so that the owner falsely believes the TV is off when it is on.” This means, during the TV’s “fake-off” mode, the TV can record conversations in that room and send them directly to a C.I.A. server.
The C.I.A. has also created technology that, when “infected,” a user’s phone will send the location, audio, text messages to an unknown location and turn on the phone’s camera and microphone. However, the C.I.A. is hiding these security flaws from companies like Apple and Google, but in doing so they are ensuring that the C.I.A., and everyone who has access to this technology, “can hack everyone at the expense of leaving everyone hackable,” Wikileaks stated. Another piece of technology, named Night Skies, is specifically made to target factory iPhones to place the hacking technology in iPhones as soon as come onto the market.
Part Two – Dark Matter:
On March 23, 2017, Dark Matter was released. Dark Matter is an archive that contains further information on how to hack into Mac computers. This poses many problems for firmware programs because it stays on a computer even after re-installations of firmware. There are many projects that allow hackers to gain access to a Mac through a USB stick.
Part Three – Marble Framework:
On March 31st, Wikileaks released Marble Framework, the last of the Vault 7 releases. Marble Framework is a text language to disguise sources of C.I.A. hacking malware to appear foreign rather than domestic. Within Marble Framework is the Umbrage Library that holds all of the “fingerprints” that come in Chinese, Russian, Korean, Arabic and Farsi. Wikileaks describes the impact of Marble Framework as “drawing forensic investigators even more strongly to the wrong conclusion.”
Part Four – The Grasshopper:
On April 7th, Wikileaks dropped the latest section of the Vault 7 which is 27 documents regarding “insights into how the CIA builds “modern espionage tools” and makes use of vulnerabilities in Windows computers,” reported by WIRED. This release pairs nicely with Dark Matter, except Grasshopper targets Microsoft Windows operating systems rather than Mac.
What does this mean for digital natives?
Technopedia defines a digital native as:
“an individual who was born after the widespread adoption of digital technology. The term digital native doesn’t refer to a particular generation. Instead, it is a catch-all category for children who have grown up using technology like the Internet, computers and mobile devices. This exposure to technology in the early years is believed to give digital natives a greater familiarity with an understanding of technology than people who were born before it was widespread.”
Meaning, digital natives are different than older users who did not grow up with this technology that the government is now hacking into. Digital natives know more about the inner workings of these devices, and so should have a better understanding of the implications of Vault 7. However, after the multiple releases of Vault 7, many Americans–especially digital natives–aren’t talking about it.
“It’s possible that Americans have merely accepted a new world of invasive intelligence monitoring and moved on with their lives. All of the drama and intrigue of the Snowden revelations generated no real change. Why would things be any different this time?”
– Andrea O’Sullivan, Technology Policy Program, Mercatus Center at George Mason University
Although all of this information was released by Wikileaks, the C.I.A. has commented on the Wikileaks release claiming “disclosures ‘equip our adversaries with tools and information to do us harm.” (12) The C.I.A. spokesman Ryan Trapani also said that “the C.I.A. is legally prohibited from spying on individuals in the United States and “does not do so.” (13)
While many tech experts are debating on the power the C.I.A. has over digital users, the possibilities are concerning.
“What’s critical to understand is that these vulnerabilities can be exploited not just by our government but by foreign governments and cyber criminals around the world, and that’s deeply troubling…Our government should be working to help the companies patch vulnerabilities when they are discovered, not stockpiling them.”
– Ashley Gorski, American Civil Liberties Union
At this point it is unclear if the C.I.A. and hackers can break the encryption on communication apps like Signal, Confide, Telegram, and WhatsApp–because if they did, “the government might be able to intercept such communications on a large scale and search for names or keywords,” said the New York Times. But, journalists some experts don’t think that the tools have that much power, yet. What sounds more realistic at this point is that if the C.I.A. wants to specifically hack your device, they can do so. However because they would have to decrypt your phone individually, they don’t have the power to have complete oversight of all digital devices at the same time. So, instead of panicking, digital natives should understand that when using any piece of technology, one’s privacy is at risk. As more information on Vault 7 is released, stay up to date on what it means for everyday users.
“If you are a consumer and you think the technology you use is safe, you are sadly deluded.”
– James Lewis, SVP at the Center for Strategic International Studies
Barbosa, G. (2017, March 23). WikiLeaks’ latest Vault 7 documents profile CIA’s exploits for Mac & iPhone. Retrieved April 12, 2017, from https://9to5mac.com/2017/03/23/wikileaks-vault-7-cia-exploits-mac-iphone/
Dark Matter. (2017, March 23). Retrieved April 12, 2017, from https://wikileaks.org/vault7/#Dark Matter
Griffin, A. (2017, March 08). WikiLeaks publishes massive trove of CIA spying files in ‘Vault 7’ release. Retrieved April 13, 2017, from http://www.independent.co.uk/life-style/gadgets-and-tech/news/wikileaks-cia-vault-7-julian-assange-year-zero-documents-download-spying-secrets-a7616031.html
Lohr, S., & Benner, K. (2017, March 07). With WikiLeaks Claims of C.I.A. Hacking, How Vulnerable Is Your Smartphone? Retrieved April 13, 2017, from https://www.nytimes.com/2017/03/07/technology/cia-hacking-documents-wikileaks-iphones-tvs.html
Marble Framework. (2017, March 31). Retrieved April 12, 2017, from https://wikileaks.org/vault7/#Marble Framework
Rosenberg, M., Shane, S., & Goldman, A. (2017, March 08). C.I.A. Scrambles to Contain Damage From WikiLeaks Documents. Retrieved April 12, 2017, from https://www.nytimes.com/2017/03/08/us/wikileaks-cia.html?_r=0
Sullivan, A. (2017, March 16). Vault 7 Versus Snowden: Why Was One Such a Bigger Story? Retrieved April 12, 2017, from http://reason.com/archives/2017/03/16/vault-7-versus-snowden
Tufekci, Z. (2017, March 09). The Truth About the WikiLeaks C.I.A. Cache. Retrieved April 12, 2017, from https://www.nytimes.com/2017/03/09/opinion/the-truth-about-the-wikileaks-cia-cache.html
Vault 7: CIA Hacking Tools Revealed. (2017, March 7). Retrieved April 12, 2017, from https://wikileaks.org/ciav7p1/