CIA operations may be disrupted by new Wikileaks’ data release
Current spying campaigns run by the CIA could be disrupted, say experts, after more data on the agency’s hacking techniques was released by Wikileaks.
CIA code that obscures malware’s origins was detailed in the latest release by the whisteblowing site.
The code could be used to create a “signature” for CIA malware, said one virus hunter.
The information is part of a larger cache about CIA hacking tools that started to be released last month.
The release of the information could be “one of the most technically damaging” said Nicholas Weaver, a computer security researcher at the University of California in Berkeley, in an interview with the Washington Post.
“It seems designed to directly disrupt ongoing CIA operations and attribute previous operations,” he said.
Before now, the information released about the CIA’s hacking tools by Wikileaks has largely been only text describing many different ways the agency spies on targets.
The latest release differs as it involves actual code used to hide the ultimate origins of malware used by the US organisation.
It shows the obfuscation techniques used to make it harder to reverse engineer malware to unmask who made it.
Included in the code library are fragments of Chinese and Farsi that are intended to be used in malware, as well as methods of moving data around that seek to thwart tools examining whether different samples have anything in common.
Jake Williams, founder of security firm Rendition InfoSec, said the release was “significant”.
“It allows the attribution of previously discovered malware to the CIA specifically,” he wrote, adding that the code samples could add up to a signature for spotting agency work.
“It is likely that malware has been discovered previously which was not attributed to CIA then, but can be today thanks to the release of the code,” he said.
The CIA would not comment on the authenticity of the information released by Wikileaks, but a spokesman said Americans should be “deeply troubled” by the organisation’s actions.
“Dictators and terrorists have no better friend in the world than Julian Assange, as theirs is the only privacy he protects,” said the spokesman.
You must log in to post a comment.