The CIA are the real ‘threat to national security’; leaks show they treated software exploits like toys


CIA accuse whistleblowers of irresponsibility, but their software exploits were already being circulated, customised and manipulated by any Tom, Dick or Vladimir in the Black Market well before the leaks were publicised.

In the wake of Wikileaks’ latest release – 8,000 webpages detailing CIA malware development named ‘Vault 7’ – most media attention has related to the ‘Weeping Angel’ software used to turn Samsung TVs into listening devices that appear off.

The smart TV exploit has satisfied a media thirst for headlines with its James Bond-esque gadgetry and dystopian project title, but it is far from being the most concerning aspect of the documents released so far. That would be a project named Hive.

While smart phones, routers, and other data transmission devices are routinely reverse-engineered in order to probe potential access points for the CIA – for instance, the HarpyEagle project created access to place a root kit on the Apple Airport Extreme and Time Capsule base stations – this was largely suspected by a public living in a post-Snowden era. Much more distressing is the Hive software, developed as an ‘interactive shell’ within Windows operating systems and Mikrotik router software in order to provide an ‘initial foothold’ for future projects.

Put simply, if you are one of 1.25 billion people in the world who use a Windows PC then your device contains an exploit that can be remotely accessed and manipulated by another agent. This agent was supposed to be the CIA, however, the past has shown that ultimately it can be whoever pays top dollar for the privilege.

The CIA’s preferred business model is to outsource much of their development to private agencies. This model in the past has inevitably led to software being hoarded by private contractors who, despite passing a security clearance, have little regard for the integrity of the CIA and an abundance of contacts acquired through their line of work who would being willing to pay huge sums for the source code.

The most publicised example of this, standing alongside many anonymous cases that were successfully gagged by CIA, is the case of Harold T.Martin III.

An employee of government contractors Booz Allen Hamilton, Martin obtained 50 terabytes of source code from federal intelligence agencies, primarily by just storing it on USB sticks and hard drives and taking them home.

Thankfully, Martin stole the data mainly out of despondency towards his ‘useless’ employers without any intention of profiting from it. In a letter used as evidence in his trial he lambasted the CIA for failing to take action over ‘bread and butter’ security lapses and a general culture of unconstitutional disregard for basic civil liberties.

However, the majority of his peers do not share the same values; the market for ‘zero-day’ exploits – vulnerabilities that are placed inside software that can be remotely accessed by hackers to steal or manipulate data – is estimated at about $160 billion worldwide.

Conceivably, this means that the Hive source code developed by the CIA could also be in the hands of another government, commercial hacker or anarchist, enabling them to communicate with a bug within the windows operating system.

In addition to the obvious pursuit of stealing data, Hive allows the agent controlling it to manipulate the host in terrifying and creative ways. It is essentially a blank canvass for the development of new software that can be implemented remotely.

Naturally, devices containing these software exploits spread like wildfire; Windows software is used in every government office and corporate boardroom around the globe. The attraction for a state actor or commercial spy to gain control of this exploit is obvious.

The CIA predictably denounced Wikileaks and Assange for their supposed ‘irresponsibility’ that put ‘America at it’s allies in a compromised situation’ but the reality is that the CIA were doing a very good job of this themselves and required no assistance.

Assange launched a press conference yesterday in which he said that he intended to work with manufacturers to highlight and plug gaps that the CIA have implemented in their software. Considering that the CIA have made it very clear that they harbour no intentions of increasing the transparency or legal oversight of their operations, this may be Apple, Microsoft and Google’s only chance or gaining back control of their own software.

See the classified user and developer guides for HIVE.

Rory Wood

Leak of Nations | Vault 7 | CIA


About Author

Ruairi Wood

English Dirtbag. Read the Bread Book, Google Murray Bookchin.