The CIA also recruits Star Wars rebels, while cyber attacks prove capable of triggering a real international crisis

(By Ciro Metuarata)
25/07/17

WikiLeaks' Vault 7 operation is about to reach its first six months since it began on 7 March. At an average rate of four "releases" a month, Mr. Assange's organization has disseminated on the web information, considered to be authentic, about the computer compromise tools used by the Central Intelligence Agency, dating from a period ranging from 2012 to 2016. At times the operation has also held some curiosities, as in the case of the powerful BothanSpy malware, which is inspired by the popular Star Wars saga. Almost six months after the first release, in addition to what has already been written (see article), it is possible to try to formulate some further general considerations on the matter. Meanwhile, in the context of the serious diplomatic crisis under way among the Persian Gulf countries, the use of cyber tools is forcefully entering the scene. Let us proceed in order.

The continuous drip of stolen files represents serious damage to the Agency, both for its ongoing operations and for its image. However, it could have been much worse: WikiLeaks, it seems, has not yet released the source code of the CIA malware it is said to have obtained, but has "only" published the related documentation (e.g. the user manuals for the intelligence service). Assange's organization, therefore, would not have contributed to the proliferation of cyber weapons now raging on the web, from which high-profile cyber attacks such as WannaCryptor also derive (article). On the contrary, WikiLeaks is reportedly collaborating with companies operating in the field of cyber security, reporting to them the security vulnerabilities exploited by the intelligence service for its own malware. As for the compromise techniques unveiled so far by Vault 7, they appear to affect many hardware manufacturers and various categories of products: operating systems, applications, smart TVs, smartphones, routers, etc. Although it is noticeable that Microsoft is involved for the most part, it is equally clear that no manufacturer or type of operating system can be said to be immune from this story, even those considered to be the safest. Furthermore, it emerges that, although many techniques were retrieved from the internet and adapted by the CIA, others were developed in-house and appear to be particularly innovative. This is the case, for example, of the malware that the Agency named BothanSpy, evidently in honor of the network of spies made up of rebels willing to sacrifice their lives (the Bothans, a sort of humanoid cat) in order to find valuable information on the "Death Star", the deadly weapon of the Empire.
However, the fiction ends here and the reality is serious: the malware is said to target one of the protocols considered so far to be among the most secure, known as Secure Shell or SSH, so BothanSpy would be particularly dangerous. This protocol is widely used to establish secure remote connections for particularly sensitive web applications: e-commerce, online banking, technical administration of computer systems, etc. In particular, BothanSpy is said to target Microsoft Windows systems, but the Agency has reportedly also developed its "cousin" Gyrfalcon for Linux-based systems. In addition, the CIA's toolkit appears to be very heterogeneous in type of malware, in methods of distribution and in levels of use, so much so that the manuals often refer to the tools' combined use in the context of complex intelligence operations. In some cases, in order to implant the malware, the Agency would require physical access to the IT devices of the target to be monitored. This last aspect in particular would dismantle the claims of the generalist media which, when Vault 7 was first published, set out to "terrorize" the public by making it appear that the CIA was spying on millions of unsuspecting citizens, rather than informing them correctly about the presumable real aims of the malware discovered. Meanwhile, the Vault 7 operation continues, and it cannot be ruled out that it holds further surprises.

Recently, just as WikiLeaks was publishing its latest files, the Washington Post, prompted by US intelligence, reported that the serious crisis in progress between Qatar and other Persian Gulf countries was allegedly triggered by cyber attacks. In fact, the diplomatic situation in the Gulf had been particularly difficult for a few months, but the crisis became really serious only after a specific event: on 24 May, statements attributed to the Emir of Qatar appeared on social networks, which caused an immediate and abrupt diplomatic reaction from the United Arab Emirates, Saudi Arabia, Bahrain and Egypt. In particular, within a few hours Qatar saw these countries break off diplomatic and economic relations and close their borders. Furthermore, its media have suffered repeated cyber attacks which, in some cases, completely blocked their activity. But there is reportedly a detail of no small importance in this matter: according to US intelligence, the emir's institutional social network accounts were compromised by hackers, on the precise mandate of the United Arab Emirates, in order to spread false statements created for the purpose. This would fall within a specific plan of the aforementioned Gulf countries, aimed at providing a pretext to inflame the situation and raise the level of confrontation with Qatar. Nobody can say what will happen in the future, but it is possible to affirm that cyber warfare between States, until recently only theorized, is becoming an established reality. In this specific case, the tools exploited were social networks which, having lost their essentially playful nature to become tools used by institutions, press organs and political or religious movements, have unfortunately become the main source of information for millions of citizens.
So this would be Cyber Warfare at the service of Information Warfare, in the context of an international dispute. Until now it was only science fiction. Now it is reality. Can only the Bothans save us from the Death Star?

Main sources:

WikiLeaks

http://www.repubblica.it/esteri/2017/07/06/news/wikileaks_svela_i_bothan_della_cia-170098324/

https://www.washingtonpost.com/world/national-security/uae-hacked-qatari-government-sites-sparking-regional-upheaval-according-to-us-intelligence-officials/2017/07/16/