WikiLeaks released Vault 7 today, which is a huge trove of information about the CIA’s global hacking program. A big element that emerged from the release is that encrypted apps, largely touted for their privacy, can actually be bypassed by the CIA. These include Signal, Telegram, and WhatsApp, which may not be as secure as their users are hoping.
Here’s what you need to know.
The CIA’s covert hacking division, which according to WikiLeaks was the CIA’s own personal “NSA,” had found a way to bypass vastly popular end-to-end encryption apps used on phones to prevent hacking and spying. This was accomplished by hacking the smartphone first. The code would run in the background and collect audio and text message traffic before encryption was applied through the apps.
So this means that apps like WhatsApp, Signal, and Telegram — hugely popular because of their security features — were vulnerable. People using these apps could still be spied on if their phones had been hacked.
“By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5,000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other ‘weaponized’ malware. Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its ‘own NSA’ with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified. In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.”
“These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Weibo, Confide and Cloackman by hacking the ‘smart’ phones that they run on and collecting audio and message traffic before encryption is applied.”
Essentially, it’s not the apps themselves that are hacked. Instead, the CIA found a way around the apps in order to bypass their popular end-to-end encryption feature. The phones had to be hacked first before this encryption could be bypassed. They’re hacked using malware and hacking tools developed by EDG (Engineering Development Group) within the CIA’s Center for Cyber Intelligence, WikiLeaks explained. EDG develops and tests all backdoor exploits. An infected phone, on which these encrypted apps can thus be bypassed, can also send the CIA the user’s geolocation, audio, and text communications, and its camera and mic can be covertly activated. Both iPhone and Android phones have been targeted.
In other words, once your phone is compromised, an end-to-end encryption app is no longer of any help.