(Adds CIA statement, paragraphs 9-10; U.S. Senate intelligence
panel member comment on contractors, paragraphs 13-15)
By John Walcott and Mark Hosenball
WASHINGTON, March 8 CIA contractors likely
breached security and handed over documents about the agency's
use of hacking tools to anti-secrecy group WikiLeaks, U.S.
intelligence and law enforcement officials told Reuters on
Two officials speaking on condition of anonymity said
intelligence agencies have been aware since the end of last year
of the breach, which led to WikiLeaks releasing thousands of
pages of information on its website on Tuesday.
According to the documents, Central Intelligence Agency
hackers could get into Apple Inc iPhones, devices
running Google's Android software and other gadgets in order to
capture text and voice messages before they were encrypted with
The White House said on Wednesday that President Donald
Trump was "extremely concerned" about the CIA security breach
that led to the WikiLeaks release.
"Anybody who leaks classified information will be held to
the highest degree of law," spokesman Sean Spicer said.
The two officials told Reuters they believed the published
documents about CIA hacking techniques used between 2013 and
2016 were authentic.
One of the officials with knowledge of the investigation
said companies that are contractors for the CIA have been
checking to see which of their employees had access to the
material that WikiLeaks published, and then going over their
computer logs, emails and other communications for any evidence
of who might be responsible.
On Tuesday in a press release, WikiLeaks itself said the CIA
had "lost control" of an archive of hacking methods and it
appeared to have been circulated "among former U.S. government
hackers and contractors in an unauthorized manner, one of whom
has provided WikiLeaks with portions of the archive."
The CIA, which is the United States' civilian foreign
intelligence service, declined to comment on the authenticity of
purported intelligence documents.
The agency said in a statement that its mission was to
collect foreign intelligence abroad "to protect America from
terrorists, hostile nation states and other adversaries" and to
be "innovative, cutting-edge, and the first line of defense in
protecting this country from enemies abroad."
The CIA is legally prohibited from surveillance inside the
United States and "does not do so", the statement added.
CONTRACTORS MUST BE 'LOYAL TO AMERICA'
A U.S. government source familiar with the matter said it
would be normal for the Federal Bureau of Investigation and the
CIA both to open investigations into such leaks. U.S. officials
previously have confirmed that prosecutors in Alexandria,
Virginia for years have been conducting a federal grand jury
investigation of WikiLeaks and its personnel.
A spokesman for the prosecutors declined to comment on the
possibility of that probe being expanded. It is not clear if the
investigation of the latest CIA leaks is part of the probe.
Contractors have been revealed as the source of sensitive
government information leaks in recent years, most notably
Edward Snowden and Harold Thomas Martin, both employed by
consulting firm Booz Allen Hamilton while working for
the National Security Agency.
U.S. Senator Dianne Feinstein of California and a Democrat
on the intelligence committee, said the government needed to
stop the breaches.
"I think we really need to take a look at the contractor
portion of the employee workforce, because you have to be loyal
to America to work for an intelligence agency, otherwise don't
do it," Feinstein said.
Both U.S. Senate and U.S. House of Representatives
intelligence committees have either opened or are expected to
open inquiries into the CIA breach, congressional officials
Some cyber security experts and technology companies have
criticized the government for opting to exploit rather than
disclose software vulnerabilities, though an interagency review
process set up under former President Barack Obama was intended
to err on the side of disclosure.
Those concerns would grow if U.S. authorities did not notify
companies that CIA documents describing various hacking
techniques had been compromised.
Apple, Alphabet Inc's Google, Cisco Systems Inc
and Oracle Corp did not immediately respond
when asked if they were notified of a CIA breach before
WikiLeaks made its files public.
At Apple, none of the vulnerabilities described in the
documents provoked a panic, though analysis was continuing,
according to a person who spoke with engineers there.
LARGER NUMBER OF CONTRACTORS
One reason the investigation is focused on a potential leak
by contractors rather than for example a hack by Russian
intelligence, another official said, is that so far there is no
evidence that Russian intelligence agencies tried to exploit any
of the leaked material before it was published.
One European official, speaking on condition of anonymity,
said the WikiLeaks material could in fact lead to closer
cooperation between European intelligence agencies and U.S.
counterparts, which share concerns about Russian intelligence
U.S. intelligence agencies have accused Russia of seeking to
tilt last year's U.S. presidential election in Trump's favor,
including by hacking into Democratic Party emails. Moscow has
denied the allegation.
One major security problem was that the number of
contractors with access to information with the highest secrecy
classification has "exploded" because of federal budget
constraints, the first U.S. official said.
U.S. intelligence agencies have been unable to hire
additional permanent staff needed to keep pace with
technological advances such as the "internet of things" that
connects cars, home security and heating systems and other
devices to computer networks, or to pay salaries competitive
with the private sector, the official said.
Reuters could not immediately verify the contents of the
A person familiar with WikiLeaks’ activities said the group
has had the CIA hacking material for months, and that the
release of the material was in the works "for a long time."
In Germany on Wednesday, the chief federal prosecutor's
office said that it would review the WikiLeaks documents because
some suggested that the CIA ran a hacking hub from the U.S.
consulate in Frankfurt.
"We will initiate an investigation if we see evidence of
concrete criminal acts or specific perpetrators," a spokesman
for the federal prosecutor's office told Reuters.
Chancellor Angela Merkel is scheduled to visit Washington on
March 14 for her first meeting with Trump, who has sharply
criticized Berlin for everything from its trade policy to what
he considers inadequate levels of military spending.
(Reporting by John Walcott, Mark Hosenball, Dustin Volz, Yara
Bayoumy in Washington and Matthias Sobolewski and Andrea Shalal
in Berlin; Additional reporting by Joseph Menn in San Francisco;
Writing by Grant McCool; Editing by Peter Graff and Bill Rigby)