(Rewrites throughout with details and cyber security expert
By Dustin Volz and Warren Strobel
WASHINGTON, March 7 Anti-secrecy group WikiLeaks
on Tuesday published what it said were thousands of pages of
internal CIA discussions about hacking techniques used over
several years, renewing concerns about the security of consumer
electronics and embarrassing yet another U.S. intelligence
The discussion transcripts showed that CIA hackers could get
into Apple Inc iPhones, Google Inc Android
devices and other gadgets in order to capture text and voice
messages before they were encrypted with sophisticated software.
Cyber security experts disagreed about the extent of the
fallout from the data dump, but said a lot would depend on
whether WikiLeaks followed through on a threat to publish the
actual hacking tools that could do damage.
Reuters could not immediately verify the contents of the
published documents, but several contractors and private cyber
security experts said the materials, dated between 2013 and
2016, appeared to be legitimate.
A longtime intelligence contractor with expertise in U.S.
hacking tools told Reuters the documents included correct
"cover" terms describing active cyber programs.
Among the most noteworthy WikiLeaks claims is that the
Central Intelligence Agency, in partnership with other U.S. and
foreign agencies, has been able to bypass the encryption on
popular messaging apps such as WhatsApp, Telegram and Signal.
The files did not indicate the actual encryption of Signal
or other secure messaging apps had been compromised.
The information in what WikiLeaks said were 7,818 web pages
with 943 attachments appears to represent the latest breach in
recent years of classified material from U.S. intelligence
Security experts differed over how much the disclosures
could damage U.S. cyber espionage. Many said that, while
harmful, they do not compare to former National Security Agency
contractor Edward Snowden's revelations in 2013 of mass NSA data
"This is a big dump about extremely sophisticated tools that
can be used to target individual user devices ... I haven’t yet
come across the mass exploiting of mobile devices," said Tarah
Wheeler, senior director of engineering and principal security
advocate for Symantec.
Stuart McClure, CEO of Cylance, an Irvine, California, cyber
security firm, said that one of the most significant disclosures
shows how CIA hackers cover their tracks by leaving electronic
trails suggesting they are from Russia, China and Iran rather
than the United States.
Other revelations show how the CIA took advantage of
vulnerabilities that are known, if not widely publicized.
In one case, the documents say, U.S. and British personnel,
under a program known as Weeping Angel, developed ways to take
over a Samsung smart television, making it appear it was off
when in fact it was recording conversations in the room.
The CIA and White House declined comment. "We do not comment
on the authenticity or content of purported intelligence
documents," CIA spokesman Jonathan Liu said in a statement.
Google declined to comment on the purported hacking of its
Android platform, but said it was investigating the matter.
Snowden on Twitter said the files amount to the first public
evidence that the U.S. government secretly buys software to
exploit technology, referring to a table published by WikiLeaks
that appeared to list various Apple iOS flaws purchased by the
CIA and other intelligence agencies.
Apple Inc did not respond to a request for comment.
The documents refer to means for accessing phones directly
in order to catch messages before they are protected by
end-to-end encryption tools like Signal.
Signal inventor Moxie Marlinspike said he took that as
"confirmation that what we’re doing is working." Signal and the
like are "pushing intelligence agencies from a world of
undetectable mass surveillance to a world where they have to use
expensive, high-risk, extremely targeted attacks."
CIA CYBER PROGRAMS
The CIA in recent years underwent a restructuring to focus
more on cyber warfare to keep pace with the increasing digital
sophistication of foreign adversaries. The spy agency is
prohibited by law from collecting intelligence that details
domestic activities of Americans and is generally restricted in
how it may gather any U.S. data for counterintelligence
The documents published Tuesday appeared to supply specific
details to what has been long-known in the abstract: U.S.
intelligence agencies, like their allies and adversaries, are
constantly working to discover and exploit flaws in any manner
of technology products.
Unlike the Snowden leaks, which revealed the NSA was
secretly collecting details of telephone calls by ordinary
Americans, the new WikiLeaks material did not appear to contain
material that would fundamentally change what is publicly known
about cyber espionage.
WikiLeaks, led by Julian Assange, said its publication of
the documents on the hacking tools was the first in a series of
releases drawing from a data set that includes several hundred
million lines of code and includes the CIA's "entire hacking
The documents only include snippets of computer code, not
the full programs that would be needed to conduct cyber
WikiLeaks said it was refraining from disclosing usable code
from CIA's cyber arsenal "until a consensus emerges on the
technical and political nature of the C.I.A.’s program and how
such ‘weapons’ should be analyzed, disarmed and published."
U.S. intelligence agencies have said that Wikileaks has ties
to Russia's security services. During the 2016 U.S. presidential
campaign, Wikileaks published internal emails of top Democratic
Party officials, which the agencies said were hacked by Moscow
as part of a coordinated influence campaign to help Republican
Donald Trump win the presidency.
WikiLeaks has denied ties to Russian spy agencies.
Trump praised WikiLeaks during the campaign, often citing
hacked emails it published to bolster his attacks on Democratic
Party candidate Hillary Clinton.
WikiLeaks said on Tuesday that the documents showed that the
CIA hoarded serious security vulnerabilities rather than share
them with the public, as called for under a process established
by President Barack Obama.
Rob Knake, a former official who dealt with the issue under
Obama, said he had not seen evidence in what was published to
support that conclusion.
The process "is not a policy of unilateral disarmament in
cyberspace. The mere fact that the CIA may have exploited
zero-day [previously undisclosed] vulnerabilities should not
surprise anyone," said Knake, now at the Council on Foreign
U.S. officials, speaking on condition of anonymity, said
they did not know where WikiLeaks might have obtained the
In a press release, the group said, "The archive appears to
have been circulated among former U.S. government hackers and
contractors in an unauthorized manner, one of whom has provided
WikiLeaks with portions of the archive."
U.S. intelligence agencies have suffered a series of
security breaches, including Snowden's.
In 2010, U.S. military intelligence analyst Chelsea Manning
provided more than 700,000 documents, videos, diplomatic cables
and battlefield accounts to Wikileaks.
Last month, former NSA contractor Harold Thomas Martin was
indicted on charges of taking highly sensitive government
materials over a course of 20 years, storing the secrets in his
(Reporting by Dustin Volz and Warren Strobel; additional
reporting by Joseph Menn, Mark Hosenball, Jonathan Landay and
Jim Finkle; Editing by Grant McCool)