ROME, WASHINGTON —
The latest alleged bombshell meant to send shockwaves through the
U.S. intelligence community is stoking renewed fears about the ability
to secure classified information. But former intelligence officials say,
at least for now, it is unlikely the apparent leak will do significant
damage to U.S. cyber capabilities.
The online whistleblower organization WikiLeaks Tuesday published
thousands of pages of what it described as "the entire hacking capacity"
of the U.S. Central Intelligence Agency.
VOA was unable to independently verify the authenticity of the 8,771
documents published on the WikiLeaks website, but cybersecurity experts
and former intelligence officials said many of the documents appeared to
In a statement, WikiLeaks said the CIA "lost control of the majority
of its hacking arsenal." The group added the spy agency's cybertools had
been disseminated among some former U.S. government hackers and that
one then shared them with WikiLeaks.
A U.S. intelligence official, speaking on the condition of anonymity,
told VOA that a CIA contractor is suspected of being the source of the
leak.
Scramble to find leak
Another recently retired U.S. intelligence official told VOA that the
CIA is scrambling to find out who leaked the trove and how.
"Langley is in full damage assessment mode," he said.
U.S. lawmakers are, likewise, alarmed.
"This is early on into the investigation but these appear to be very,
very serious," House Intelligence Committee chairman Devin Nunes, a
Republican, told reporters late Tuesday. "We are extremely concerned and
we are following it closely."
FILE - House Intelligence Committee Chairman Rep.
Devin Nunes is questioned by reporters on Capitol Hill in Washington,
Feb. 14, 2017.
Some of the WikiLeaks documents describe how the CIA sought to
exploit so-called "zero-days" — undetected flaws in the software that
runs smartphones such as Apple's iPhone and Google's Android. Electronic
devices that run Microsoft's Windows were also targeted.
According to the documents, CIA hackers discovered some of the
vulnerabilities on their own. Others were sold to the CIA by third
There allegedly was also collaboration with other intelligence agencies.
In one program, dubbed "Weeping Angel," the U.S. and Britain's MI-5
security service agency worked to secretly turn on so-called smart
televisions made by Samsung in order to turn them into listening
Like their U.S. counterparts, British officials refused to confirm or deny the charges.
"It is longstanding policy that we do not comment on intelligence matters," a British government spokesperson said.
"I think this is pretty legitimate," said Alex McGeorge, the head of
Threat Intelligence at Immunity Inc., a security firm that works with
major companies, financial institutions and government agencies.
"There are some techniques that are very specific," he said. "This is years of development and trade craft and work."
Difficult to fabricate
McGeorge said there appears to be a consistency throughout the
documents that would be difficult to fabricate and that clearly shows the
efforts of an intelligence agency with an international focus.
But he questioned how much CIA efforts would be damaged by the disclosures.
"There are some techniques that are very specific … but it's not
earth-shattering," McGeorge said. "This is certainly not all of CIA's
advanced cyber capability."
Still, former intelligence officials worry that even if the documents
prove to be real, it is the political fallout that will cause the most
One cause for concern is the claim by WikiLeaks that the CIA
possesses a library of hacking malware employed by other states that it
can use to run so-called false flag operations. In essence, the U.S.
would be able to carry out cyberespionage or cyberattacks but leave a
trail of evidence that points to U.S. adversaries, such as Russia.
U.S. allies and their relationships with Washington could also be impacted.
In addition to cyber operations located at the CIA's headquarters in
Virginia, the files released by WikiLeaks reveal the agency has been
using the U.S. consulate in Frankfurt, Germany, as a covert base.
WikiLeaks claims the consulate, one of the largest American
consulates in the world, housed CIA hackers working deep undercover who
helped develop malicious software for attacks and eavesdropping on
targets in Europe, the Middle East and Africa.
In one document, the CIA instructed employees: "Do not leave anything
electronic or sensitive unattended in your room. (Paranoid, yes, but
better safe than sorry.)" It advised them also to enjoy Lufthansa's free
alcohol "in moderation."
FILE - A German national flag flutters in front of
the Chancellery in Berlin. The 2013 revelation that the U.S. National
Security Agency had tapped German Chancellor Angela Merkel's mobile
phone came from WikiLeaks.
The consulate, located in the northern part of the city and
surrounded by high, reinforced perimeter walls, was the focus of German
investigations into U.S. intelligence activities following the 2013
revelation, which also came from WikiLeaks, that the U.S. National
Security Agency had tapped German Chancellor Angela Merkel's mobile
phone, which prompted sharp and highly public disputes between
Washington and Berlin.
WikiLeaks
The WikiLeaks release of the trove of alleged CIA hacking files also
comes at an especially sensitive point, with the U.S. intelligence
community involved in a confrontation with the administration of
President Donald Trump over claimed Russian hacking aimed at influencing
last year's U.S. election.
During his campaign, Trump, at times, defended WikiLeaks. And since
taking office, Trump has derided such concerns as "fake news."
Still, a report by the Office of the Director of National
Intelligence earlier this year concluded with "high confidence" that
Russian military intelligence "relayed material it acquired from the DNC
and senior Democratic officials to WikiLeaks."
Some former officials see the potential for Moscow's fingerprints to
be on this latest WikiLeaks document dump as well, noting Russia is on
the short list of countries capable of foiling the CIA's cyber efforts.
"It is in Russia's interest to see the CIA discredited," said
Jonathan Shaw, who until 2012 was responsible for developing Britain's
policy on cybersecurity. He added: "It is in the interests of Donald
Yet former officials caution there is still more reason to worry.
While WikiLeaks did not publish the codes for the cyberweapons
themselves, it warned it might do so at a later date. And there is a
good chance others may already have them.
"This is like finding a whole cache of weapons on the battlefield and
taking it in," said Jeff Bardin, who worked in intelligence with the
U.S. Air Force.
"It really comes down to the fact that our adversaries know what
we're doing, what we're using," said Bardin, now CIO of the
cybersecurity firm Treadstone 71. "It's pretty disappointing that we
would allow this to get out."
FILE - This photo provided by The Guardian Newspaper
in London shows Edward Snowden, who worked as a contract employee at the
National Security Agency, June 9, 2013, in Hong Kong.
That disappointment has been magnified following efforts to tighten
security after the 2013 disclosures about U.S. National Security Agency
contractor Edward Snowden, who promptly fled to Russia.
Another NSA contractor, Harold Martin, was indicted earlier this year
on charges related to what officials described as possibly the largest
heist of classified government information in history.
Yet Terry Roberts, a former deputy director of U.S. Naval
Intelligence, said the biggest risk is not so much the exposure of the
cyberweapons themselves, but the extent to which the WikiLeaks document
dumps might reveal how U.S. intelligence thinks.
"This is an environment that is never static," Roberts said. "You're
always creating a tool that's going to be overcome by another tool
that's going to be overcome by another tool.
"The expertise and the environment of how you develop these tools and
deploy them at speed and with effectiveness is truly the secret sauce,"