Since the initial WikiLeaks Vault 7 drop, which exposed the CIA for its out-of-control spy efforts, most of the follow-up releases have centered around specific pieces of software, used for highly specialized tasks.
It would be easy to gloss over the releases, as they are highly technical in nature and to the average non-computer programmer they read like complete gibberish. However, the implications presented by the CIA’s capabilities to spy on citizens are extremely troubling.
In addition to the original Vault 7 leak that detailed how the CIA would use smartphones and even Samsung TVs to spy, there have been eight additional drops detailing various CIA projects, including software that allowed the spy agency to bypass anti-virus measures and even efforts to attribute cyber attacks to foreign operations.
The latest Vault 7 release deals with two pieces of CIA malware. The first, “AfterMidnight,” allowed CIA operators to run disguised software on a target machine. The software would periodically check for instructions and if new instructions existed, the software would then download components and load “gremlins” onto the machine. According to WikiLeaks:
“‘Gremlins’ are small [AfterMidnight] payloads that are meant to run hidden on the target and either subvert the functionality of targeted software, survey the target (including data exfiltration) or provide internal services for other gremlins.”
In an innocuous example, the released documents showed a would-be user how to operate within a network of two computers:
“The goal will be to prevent one target from using their web browser (so that he can get more done) and we’ll annoy the other target whenever they use PowerPoint (because, face it, they deserve it for using PP).”
After installing a small file, the operators would then be able to instruct the computer to kill any use of a web browser on a set schedule. For instance, the software could be instructed to shut down Firefox every 25-35 seconds. Similarly, the example included a measure to “lock up” PowerPoint files 10 minutes after they were loaded. It would also allow operators to create a delay when PowerPoint files were attempting to load.
While the examples they used are simple and relatively harmless, the software could perform virtually any assigned task. Because the data is encrypted with a key stored outside of the machine, the code would be extremely difficult to detect and/or decipher.
After installing the software, the documentation instructs users to “kick back” and “Relax – After Midnight will take care of the rest.”
The second piece of software detailed is similar to “AfterMidnight” and is called “Assassin.” That piece of software is a relatively simple way of collecting data remotely and then delivering results to a listening post on a schedule.
Through screenshots in the documents, it can be seen that the author is named “Justin,” is working from a Dell computer, and has desktop shortcuts to an encrypted chat program called “Pidgin,” as well as a folder entitled “drone.”
Screengrab from latest #Vault7 release shows author is named ‘Justin’ and is using a #Dell machine #WikiLeaks pic.twitter.com/XYMiN5SDl7
— Colm McGlinchey (@ColmMcGlinchey) May 12, 2017
Why is all of this technical information in Vault 7 important? It shows a few issues with the way our spy agencies work. First of all, it is the job of the NSA to collect data, so these hacks are seemingly an effort by the CIA to subvert their relationship with another agency. It is also terrifying as hell that some of our nation’s most well-guarded secrets were floating around on the internet for any nefarious actor to find. You have to remember that before WikiLeaks released Vault 7, most of these exploits were easily found on the dark web.
We also know that exploits and hacks, like the ones detailed in Vault 7, were the topic of great debate as the Obama Administration created the Vulnerabilities Equities Process (VEP) in 2010 and revamped it in 2014.
Under the VEP, the government was required to help fix software flaws by sharing their information with development companies. Instead, the CIA seemingly amassed a secret hoard of exploits, directly violating the directive of the President.
As we’ve seen through the turmoil surrounding the nation’s spook industry with their battles against the Trump administration, they are indeed highly politicized. Trump’s presidency is an unmitigated disaster. However, through the conflict, we’ve seen that high-ranking officials like Clapper, Comey, and Brennan operate without oversight, often creating and dictating policy, rather than executing it.
Additionally, the CIA, which is thought of as the world’s most advanced spy agency, had a treasure trove of potentially dangerous pieces of software leaked on the internet. If anyone should be secure from internet leaks, it should be the CIA. As has been mentioned before, imagine if the military lost a weapon that could shut down banks and power grids. The world would lose its collective mind. Instead, we are content blaming even WikiLeaks on Russia and getting back to NOT holding the CIA accountable.