The harsh law of counterintelligence: Weeping Angel, Pterodactyl and the other CIA "cyber creatures" revealed

(by Ciro Metuarata)
24/03/17

The news swept around the world at the beginning of the month: WikiLeaks, the organization headed by Mr. Assange, has come into possession of more than eight thousand documents that escaped from CIA servers, from which "disturbing" espionage programs based on miraculous "cyber-weapons" are said to emerge. The media pointed out that the agency would even be able to spy on unsuspecting citizens through their smart TVs. Astonishment, indignation, diplomatic tensions and, above all, plenty of sensationalism useful to journalists for filling pages, on paper and on the web, for a few days.

But what is really sensational in what the operation, christened "Vault 7" by WikiLeaks, has unveiled? Perhaps that governments do intelligence, and that they do it above all abroad? Or that cyberspace has become the favourite hunting ground of the secret services? Or again, that the smart electronic devices we use every day are veritable sieves from a security point of view? No, none of these obvious facts is sensational. Only the hypocrisy of governments and the mainstream media, and the widespread lack of cyber security culture, can make such news "disconcerting".

The real news lies elsewhere, in at least four points: some innovative hacking techniques used by the CIA; the fact that these and others have escaped the agency's control; the intertwining with the all-Italian "Hacking Team" case; and yet another resounding failure of US counterintelligence.

Before addressing these issues, a premise is needed: most experts agree that the material released by WikiLeaks, which is only the first tranche of the total stolen, is authentic, and that it will take a long time to analyse it fully.

First point. The CIA arsenal is very wide and includes techniques developed in-house, techniques developed together with private companies (the so-called contractors), and techniques found on the net, adopted and adapted to the agency's needs. The CIA's cyber-weapons are so vast and varied that WikiLeaks had to group them into six categories to make them navigable. One of these was favoured by the media to make the scoop "sensational". Specifically, in the "Embedded Branch" category (hacking anything that has an operating system but is neither a personal computer nor a smartphone) we find the famous Weeping Angel, which aims to turn Samsung F8000 series smart TVs into clandestine environmental listening devices. Once infected, such TVs, even when they appear to be switched off (the so-called "Fake-Off" mode described in the documents), record what the microphone, and reportedly the on-board camera, capture and send it to servers under CIA control. Two practical caveats the documents themselves make clear: the implant is installed from a USB stick, so someone has to get physically close to the TV, and a TV with no network connection has nowhere to send its recordings.

Pterodactyl also belongs to the Embedded family and is peculiar: a not especially sophisticated piece of malware, carried on USB sticks or small boards, which allows the fast and clandestine copying of the contents of 3.5" floppy disks. What use is such a "dinosaur"? Floppy disks survive in legacy systems used for particular applications, some of them unthinkable, such as the management system of the American nuclear arsenal, which dates back to the last century.

The plethora of malware revealed by Vault 7 is truly remarkable and covers virtually every type of operating system, including the most recent versions. Indeed, and this is what really impresses, some of it would be able to penetrate the core of the Apple, Microsoft and Linux operating systems (the so-called kernel, the basic code on which their operation rests, and the most protected layer of the system), modifying it in order to take control of the devices that host it. Kernel-level implants are not new in themselves; what matters is that working exploits to plant them appear to have been in the agency's hands and have now escaped it. If confirmed, this is a nightmare for the vendors, who would have to fix flaws at the deepest level of their operating systems. QuarkMatter and Hive should therefore be more frightening than the other malware, although, probably not by accident, little information about them has been published. Furthermore, even encrypted chats are not safe: not because the encryption itself is broken, but because an implant on the phone can read messages before they are encrypted or after they are decrypted. Not much is known about this aspect either. Then there is the malware dedicated to network devices, such as routers and switches of the most common brands, and malware that spreads through USB memory sticks or even through CDs and DVDs, hence without any need for a network. In short, very little escapes the CIA's paraphernalia. It should be noted that many of the techniques found in the WikiLeaks files cannot be applied "remotely", comfortably seated behind a keyboard, but require an intervention "on site". So it is not surprising that, according to what has emerged, the agency has (or had) a base for hacking operations "covered" by the US consulate in Frankfurt, Germany.

Second point. The material posted on Assange's site is not recent and seems to have been circulating among hacking communities for some time. This is probably the most serious aspect of the matter: since the cyber-weapons left its servers, the CIA has lost control of them, and the world has certainly been a less secure place ever since. Especially when you consider that, while software and hardware vendors rush to release patches for the flaws exploited by the agency, updating their products takes time, and it is by no means certain that all customers will do it, or do it correctly; embedded devices such as TVs and routers, in particular, often receive no updates at all. Meanwhile, one can bet that variants of the stolen malware are already multiplying. A bad situation.

Third point. The CIA team in charge of monitoring and cataloguing all the latest hacking techniques came across, some time ago, the material of a small Italian company that was little known until then: Hacking Team. It was 2015 and the case went around the world: unknown attackers had spread onto the net the malware, mostly aimed at espionage activities, that the small Milanese company developed for intelligence services, law enforcement agencies and Italian police forces, as well as for foreign clients. The parallel with the CIA case is natural and, as it happens, national security suffered a hard blow then too. If nothing else, apart from spreading sophisticated malware which unfortunately will certainly not have inspired the CIA alone, the case probably compromised some delicate anti-terrorism investigations that were in progress in those days.

Last point. Strategically important security projects have always had at least one thing in common: a paranoid attention to possible information leaks. In some cases, counterintelligence creates a real, asphyxiating "bubble" of protection around the members of the working groups, in order to prevent even the slightest piece of information about their activities from leaking out. That said, some sensational failures of US-branded counterintelligence, promptly exploited by WikiLeaks, amaze and leave us speechless: first the Manning case, then the Snowden one, up to the Vault 7 operation of a few days ago. In the latter case too, in fact, rather than to the hacking capabilities of Assange's organization, the revelation of the CIA's cyber-secrets seems to be due to yet another sensational leak of files by officials, operatives or private contractors hired by the agency. Evidently the precedents were not enough to make anyone feel the need to review counterintelligence procedures. Yet Manning, at the time, was an enlisted soldier on a short-term contract, entrusted with the duties of an intelligence analyst after only a couple of years of service, while Snowden, a former CIA employee, was a private contractor working for the National Security Agency. In short, the threat of the "unfaithful employee" is always around the corner.

One last reflection: in the face of so many American scandals, on the other side of the fence counterintelligence seems to work very well. The Russian government is cast as responsible for almost every cyber attack, yet not a single incontrovertible proof of its involvement (which could only come from inside it) has ever surfaced. Infallible counterintelligence, or something else? But that is another story.

Main sources:

http://formiche.net/2017/03/09/wikileaks-cia-intelligence-cybersecurity/
www.wired.it/amp/174350/attualita/tech/2017/03/13/funzionano-davvero-cyb ...
www.repubblica.it/esteri/2017/03/07/news/wikileaks_cosi_la_cia_ci_spia-1 ...
http://www.ilfattoquotidiano.it/2017/03/07/wikileaks-diffonde-documenti-...
http://www.lapresse.it/wikileaks-germania-prendiamo-sul-serio-accuse-a-c...
www.repubblica.it/esteri/2017/03/08/news/wikileaks_cnn_usa_aprono_indagi ...
https://www.theguardian.com/technology/2015/jul/06/hacking-team-hacked-f...

(photo: web / David G Silvers)