The trove of information on alleged CIA hacking tools released by Julian Assange’s WikiLeaks organisation, which reveals that the agency maintains the capability to hack consumer devices, will raise many questions for users and technology companies alike.
Everyday consumer devices including smartphones running iOS and Android operating systems, Windows and Mac computers, and even smart TVs made by manufacturers such as Samsung have all being targeted by the CIA.
The release, dubbed “Vault 7” by Wikileaks, shows that the agency ensures it maintains the technical capability to hack as many popular devices as it can. The vulnerabilities described in the thousands of published documents come in all shapes and sizes: some, such as an attack which can be used to take control of older iPhones, were discovered by independent security researchers and published to encourage technology firms to fix weaknesses; others, such as one which takes control of Android phones via older versions of the Chrome browser, were apparently discovered by the intelligence agency itself, or by partner organisations such as GCHQ.
Many of the hacking tools detailed by the leak, which appears to date to mid-2016, have since been patched by the vendors, meaning that a user with a fully up-to-date device would be safe from those avenues of attack. But some, such as attacks on version 9.0 of iOS, the operating system for iPhones and iPads, seem to have been unfixed at the time the documents were made.
If the CIA has continued to discover and stockpile vulnerabilities (something the US government has denied doing, insisting that it reports such software flaws to manufacturers for fixing), the agency appears likely to have similarly up-to-date hacking tools today, which would leave it able to break into even fully-patched devices.
Source: https://www.theguardian.com/technology/2017/mar/07/cia-targeting-devices…
