WikiLeaks’ dump of CIA hacking tools is ‘devastating’ for the agency — but there may be an upside


Business Insider reports that WikiLeaks dumped thousands of documents on Tuesday detailing the hacking tools and techniques used by the Central Intelligence Agency for foreign espionage, in what appears to be the largest leak of CIA documents in history.

The documents, which experts widely believe to be authentic, describe how the agency’s Center for Cyber Intelligence develops malware, viruses, trojans, weaponized “zero-day” exploits, and other tools to hack devices such as iPhones, Android phones, and Samsung “smart” TVs.

Heather Fritz Horniak, a CIA spokesperson, told Business Insider that the agency “does not comment on the authenticity or content of purported intelligence documents.”

Per the CIA’s charter, its hacking arsenal can only be deployed against foreign targets, not against US citizens. Officials have emphasized that using the tools against overseas targets constitutes legal intelligence collection, but WikiLeaks said it was given the documents by a former US government hacker or contractor concerned about “whether the CIA’s hacking capabilities exceed its mandated powers.”

WikiLeaks has not yet published the cyberweapons’ source code, which would show exactly how they work and how they are used operationally. But Tuesday’s leak has essentially rendered them useless, since defenders and the vendors whose products they target now know what to look for, and it could set the CIA’s cyber intelligence teams back by “at least a year,” said Alex McGeorge, a senior security researcher at cybersecurity firm Immunity, Inc.

“All of these tools and techniques are now burned,” McGeorge said, noting that the dump included extensive testing plans to make sure the tools wouldn’t backfire. “The CIA won’t want to use them again, and operations using those tools that may be running at this moment will need to have the tools swapped out or abandoned entirely.”

Cybersecurity experts who spoke to Business Insider broadly agreed that the CIA’s hacking arsenal was not nearly as sophisticated as the National Security Agency’s, and it’s unclear how heavily the CIA as a whole depended on the tools developed by the Center for Cyber Intelligence.

[Photo: U.S. President Donald Trump delivers remarks during a visit to the Central Intelligence Agency (CIA) in Langley, Virginia, U.S., January 21, 2017. REUTERS/Carlos Barria]

But “the impact could be quite severe” if the tools were used throughout the CIA, McGeorge said, and it will be “a tall order” to redesign and redeploy them.

“For the CIA this is a huge loss,” Jake Williams, founder of cybersecurity firm Rendition Infosec, told the Daily Beast. “For incident responders like me, this is a treasure trove.”

“This, from the CIA perspective, is devastating,” former CIA counterterrorism official Philip Mudd told CNN on Wednesday. “And there’s got to be a manhunt in that organisation today to determine who did this.”

Foreign intelligence agencies may now be aware of the CIA’s tools and what devices are at risk, which may force the agency to “shift its activities,” Jeff Bardin, the Chief Intelligence Officer at cybersecurity firm Treadstone 71, told Business Insider.

But the CIA is “always looking at how to modify and update” its tools anyway, so it likely won’t take long for it to find new avenues of attack: vulnerabilities that the affected vendors do not yet know about, and so have not patched, known as “zero days.”

“Based on what we’ve seen for years, there will always be zero days,” Bardin said. “This just forces them to innovate even faster than before.”

Christopher Mims, a technology columnist at the Wall Street Journal, said on Twitter that any damage done to the CIA’s arsenal will likely be temporary at best.

“Zero day exploits = renewable resource,” he said.