WikiLeaks released a huge trove of documents yesterday, purporting to expose a range of spying tools and tactics used by the Central Intelligence Agency. The organization went as far as saying its latest CIA dump is way larger than Edward Snowden’s NSA leaks, which had brought the surveillance game the intelligence agencies have been playing to the forefront.
As analysts and tech companies have had some time to explore and check these released documents, it turns out that the release isn’t as big as WikiLeaks made it out to be. However, it does appear to be legitimate, and the upcoming releases expected from the organization might be as big as it claims. Questions of how the documents made their way from the CIA to WikiLeaks aside, at least one of the tech companies has confirmed that the exploits shared in the leaks were legit, but already patched.
Apple: “many” of the exploits exposed in WikiLeaks dump have already been patched
While the intelligence community is still assessing the implications of the newly released documents, Apple has responded to yesterday’s claims that the CIA had been exploiting security vulnerabilities in iPhones with a statement saying the company has fixed “many of the issues” identified in the documents.
Apple is deeply committed to safeguarding our customers’ privacy and security. The technology built into today’s iPhone represents the best data security available to consumers, and we’re constantly working to keep it that way. Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 percent of users running the latest version of our operating system. While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS [10.2.1], we will continue work to rapidly address any identified vulnerabilities. We always urge customers to download the latest iOS to make sure they have the most recent security updates.
While claiming that many of these flaws were already patched, Apple’s statement also validates the documents by hinting that some of the flaws could be unpatched. Apple hasn’t specified which exploits it has patched or whether we should expect to see a security patch coming soon to resolve the remaining vulnerabilities.
Yesterday’s “Vault 7” report from WikiLeaks had shared that the CIA has a specialized unit that produces malware to infest, control and exfiltrate data from iPhones.
Despite iPhone’s minority share (14.5%) of the global smartphone market in 2016, a specialized unit in the CIA’s Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads. CIA’s arsenal includes numerous local and remote “zero days” developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop. The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.
Despite the drama that the WikiLeaks release has created, it is a well-known “fact” that the CIA and other intelligence agencies repeatedly target mobile phones, including iPhones. Several leaked reports from private firms like Cellebrite have made it clear that special tools are designed to break into these devices to spy on government targets.
Only last year, the FBI publicly purchased software to exploit a vulnerability in an iPhone 5c that belonged to a dead terrorist involved in last year’s San Bernardino massacre. If an agency could get access to these tools for investigations, it isn’t entirely shocking that intelligence agencies the world over have also been using these tools to spy on their targets.
We are still waiting to hear from Google and Samsung – two other tech companies whose devices the leaked documents name as specific CIA targets.
[Update]: Samsung responds to WikiLeaks dump too
In an email to Wccftech, Samsung said that “protecting consumers’ privacy and the security of our devices is a top priority” at the company. The company didn’t say whether it was aware of the Samsung TV exploits, but added that it is “aware of the report in question” and is looking into the matter “urgently”.