US Spy Agency Staggers, But Still Standing After Latest WikiLeaks Dump
March 8, 2017
The latest alleged bombshell meant to send shockwaves through the U.S.
intelligence community is stoking renewed fears about the ability to
secure classified information. But former intelligence officials say, at
least for now, it is unlikely the apparent leak will do significant
damage to U.S. cyber capabilities.
The online whistleblower organization WikiLeaks Tuesday published
thousands of pages of what it described as "the entire hacking capacity"
of the U.S. Central Intelligence Agency.
VOA was unable to independently verify the authenticity of the 8,771
documents published on the WikiLeaks website, but cybersecurity experts
and former intelligence officials said many of the documents appeared to
In a statement, WikiLeaks said the CIA "lost control of the majority of
its hacking arsenal." The group added the spy agency's cybertools had
been disseminated among some former U.S. government hackers and that one
then shared them with WikiLeaks.
A U.S. intelligence official, speaking on the condition of anonymity,
told VOA that a CIA contractor is suspected of being the source of the

Scramble to find leak

Another recently retired U.S. intelligence official told VOA that the
CIA is scrambling to find out who leaked the trove and how.
"Langley is in full damage assessment mode," he said.
U.S. lawmakers are, likewise, alarmed.
"This is early on into the investigation but these appear to be very,
very serious," House Intelligence Committee chairman Devin Nunes, a
Republican, told reporters late Tuesday. "We are extremely concerned and
we are following it closely."
Some of the WikiLeaks documents describe how the CIA sought to exploit
so-called "zero-days" — undetected flaws in the software that runs
smartphones such as Apple's iPhone and Google's Android. Electronic
devices that run Microsoft's Windows were also targeted.
According to the documents, CIA hackers discovered some of the
vulnerabilities on their own. Others were sold to the CIA by third
There allegedly was also collaboration with other intelligence agencies.
In one program, dubbed "Weeping Angel," the U.S. and Britain's MI-5
security service agency worked to secretly turn on so-called smart
televisions made by Samsung in order to turn them into listening
Like their U.S. counterparts, British officials refused to confirm or
deny the charges.
"It is longstanding policy that we do not comment on intelligence
matters," a British government spokesperson said.
"I think this is pretty legitimate," said Alex McGeorge, the head of
Threat Intelligence at Immunity Inc., a security firm that works with
major companies, financial institutions and government agencies.
"There are some techniques that are very specific," he said. "This is
years of development and trade craft and work."

Difficult to fabricate

McGeorge said there appears to be a consistency throughout the documents
that would be difficult to fabricate and that clearly show the efforts
of an intelligence agency with an international focus.
But he questioned how much CIA efforts would be damaged by the
"There are some techniques that are very specific … but it's not
earth-shattering," McGeorge said. "This is certainly not all of CIA's
advanced cyber capability."
Still, former intelligence officials worry that even if the documents
prove to be real, it is the political fallout that will cause the most
One cause for concern is the claim by WikiLeaks that the CIA possesses a
library of hacking malware employed by other states that it can use to
run so-called false flag operations. In essence, the U.S. would be able
to carry out cyberespionage or cyberattacks but leave a trail of
evidence that points to U.S. adversaries, such as Russia.
U.S. allies and their relationships with Washington could also be
In addition to cyber operations located at the CIA's headquarters in
Virginia, the files released by WikiLeaks reveal the agency has been
using the U.S. consulate in Frankfurt, Germany, as a covert base.
WikiLeaks claims the consulate, one of the largest American consulates
in the world, housed CIA hackers working deep undercover who helped
develop malicious software for attacks and eavesdropping on targets in
Europe, the Middle East and Africa.
In one document, the CIA instructed employees: "Do not leave anything
electronic or sensitive unattended in your room. (Paranoid, yes, but
better safe than sorry.)" It advised them also to enjoy Lufthansa's free
alcohol "in moderation."
The consulate, located in the northern part of the city and surrounded
by high, reinforced perimeter walls, was the focus of German
investigations into U.S. intelligence activities following the 2013
revelation, which also came from WikiLeaks, that the U.S. National
Security Agency had tapped German Chancellor Angela Merkel's mobile
phone, which prompted sharp and highly public disputes between
Washington and Berlin.
The WikiLeaks release of the trove of alleged CIA hacking files also
comes at an especially sensitive point, with the U.S. intelligence
community involved in a confrontation with the administration of
President Donald Trump over claimed Russian hacking aimed at influencing
last year's U.S. election.
During his campaign, Trump, at times, defended WikiLeaks. And since
taking office, Trump has derided such concerns as "fake news."
Still, a report by the Office of the Director of National Intelligence
earlier this year concluded with "high confidence" that Russian military
intelligence "relayed material it acquired from the DNC and senior
Democratic officials to WikiLeaks."
Some former officials see the potential for Moscow's fingerprints to be
on this latest WikiLeaks document dump as well, noting Russia is on the
short list of countries capable of foiling the CIA's cyber efforts.
"It is in Russia's interest to see the CIA discredited," said Jonathan
Shaw, who until 2012 was responsible for developing Britain's policy on
cybersecurity. He added: "It is in the interests of Donald Trump, too."
Yet former officials caution there is still more reason to worry.
While WikiLeaks did not publish the codes for the cyberweapons
themselves, it warned it might do so at a later date. And there is a
good chance others may already have them.
"This is like finding a whole cache of weapons on the battlefield and
taking it in," said Jeff Bardin, who worked in intelligence with the
U.S. Air Force.
"It really comes down to the fact that our adversaries know what we're
doing, what we're using," said Bardin, now CIO of the cybersecurity firm
Treadstone 71. "It's pretty disappointing that we would allow this to
That disappointment has been magnified following efforts to tighten
security after the 2013 disclosures about U.S. National Security Agency
contractor Edward Snowden, who promptly fled to Russia.
NSA contractor Harold Martin was indicted earlier this year on charges
related to what officials described as possibly the largest heist of
classified government information in history.
Yet Terry Roberts, a former deputy director of U.S. Naval Intelligence,
said the biggest risk is not so much the exposure of the cyberweapons
themselves, but the extent to which the WikiLeaks document dumps might
reveal how U.S. intelligence thinks.
"This is an environment that is never static," Roberts said. "You're
always creating a tool that's going to be overcome by another tool
that's going to be overcome by another tool.
"The expertise and the environment of how you develop these tools and
deploy them at speed and with effectiveness is truly the secret sauce,"