TheJournal.ie uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Click here to find out more »
Dublin: 6 °C Friday 24 March, 2017
Advertisement

Assange accuses CIA of 'devastating incompetence' and warns he has a lot more info to leak

US officials told CNN that a federal criminal investigation was being opened into the leak.

Image: SIPA USA/PA Images

Updated 10.35pm

WIKILEAKS FOUNDER JULIAN Assange has accused the CIA of “devastating incompetence” for failing to protect its hacking secrets and said he would work with tech companies to develop fixes for them.

“This is a historic act of devastating incompetence, to have created such an arsenal and then stored it all in one place,” Assange said.

“It is impossible to keep effective control of cyber weapons… If you build them, eventually you will lose them,” Assange said.

Assange was speaking in a press conference streamed live from Ecuador’s embassy in London, where he has been living as a fugitive from justice since 2012.

He said his anti-secrecy website had “a lot more information” about the Central Intelligence Agency’s hacking operation but would hold off on publishing it until WikiLeaks had spoken to tech manufacturers.

“We have decided to work with them to give them some exclusive access to the additional technical details we have so fixes can be developed and then pushed out.

“Once this material is effectively disarmed by us we will publish additional details about what has been occurring,” he added.

Commenting on the press conference, Republican Senator Ben Sasse of Nebraska said Assange “should spend the rest of his life wearing an orange jumpsuit”.

“He’s an enemy of the American people and an ally to (Russian President) Vladimir Putin,” he said in a statement.

“Do us harm”

The CIA had accused Wikileaks of endangering Americans, helping US rivals and hampering the fight against terror threats by releasing what the anti-secrecy site claimed was a trove of CIA hacking tools.

There are reports in the US that a federal criminal investigation into the leaks is being opened to investigate the documents.

CIA officials also confirmed to the US news group CNN that the documents were genuine, despite the CIA’s public statement refusal to confirm the authenticity of the materials, which said they were leaked from the spy agency’s hacking operations.

Nevertheless, said spokeswoman Heather Fritz Horniak, “The American public should be deeply troubled by any Wikileaks disclosure designed to damage the intelligence community’s ability to protect America against terrorists and other adversaries.”

“Such disclosures not only jeopardize US personnel and operations, but also equip our adversaries with tools and information to do us harm,” she said.

Horniak defended the CIA’s cyber operations, which the Wikileaks materials showed focused heavily on breaking into personal electronics using a wide range of malware systems.

“It is CIA’s job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad,” she said.

Massive leak

On Tuesday, WikiLeaks published nearly 9,000 documents it said were part of a huge trove leaked from the CIA, describing it as the largest-ever publication of secret intelligence materials.

“This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA,” it said.

The documents showed that CIA hackers can turn a TV into a listening device, bypass popular encryption apps, and possibly control one’s car.

Most experts believe the materials to be genuine, and US media said yesterday that the Federal Bureau of Investigation is opening a criminal probe into the leak.

The source of the materials remained unclear. The investigation could focus on whether the CIA was sloppy in its controls, or, as The Washington Post reported, it could be “a major mole hunt” for a malicious leaker or turncoat inside the agency.

Wikileaks itself said the documents, hacking tools and code came from an archive that had circulated among US government hackers and private contractors.

An investigation would come as the CIA is already enmeshed in a politically-charged probe into Russia’s alleged interference in the US election last year in support of President Donald Trump’s campaign.

WikiLeaks, which has stunned the US government with a series of publications of top-secret political, diplomatic and intelligence materials, said the publication Tuesday was only the first of a series of releases of CIA hacking materials.

That raised concerns that the site could release the actual hacking tools it obtained along with the documents. Experts worry those could fall into the hands of anyone, including US enemies and criminals.

Tech sector scrambles for fixes

The Wikileaks documents detailed the CIA’s practice of exploiting vulnerabilities in hardware and software, without ever informing producers of them.

The CIA allegedly found ways to hack into personal electronics from leading companies like Apple and Samsung, Android phones, popular Microsoft software, and crucial routers from major manufacturers.

The documents suggest it can also infiltrate smartphones in a way that allows it to get around popular messaging encryption apps.

The tech sector was scrambling to understand how their products were at risk.

“While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities,” Apple said in an emailed statement.

“We’re confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities,” Google director of information security and privacy Heather Adkins said in a released statement.

“Our analysis is ongoing and we will implement any further necessary protections.”

Samsung and Microsoft both said they were “looking into” what Wikileaks revealed.

Encryption apps safe

Joseph Hall, a technologist with the Center for Democracy and Technology, a digital rights organisation, said the documents raise questions about the US government’s pledge last year to disclose vulnerabilities to technology firms.

That pledge means “security flaws should get back to the companies so they can get fixed, and not languish for years,” he said.

The American Civil Liberties Union commented in a tweet: “When the government finds software security holes, it should help fix them, not hoard them and leave everyone vulnerable.”

Companies that make encryption programmes and apps targeted by the CIA said the revelations show the agency has not been able to break their software.

Open Whisper Systems, which developed the technology for the Signal encryption app, said the CIA documents showed that Signal works.

“None of the exploits are in Signal or break Signal Protocol encryption,” the group said in a tweet.

“The existence of these hacking tools is a testimonial to the strength of the encryption,” said Steve Bellovin, a Columbia University computer science researcher, in a blog post.

© AFP 2017

Read: TVs used to spy on people? Tech industry keen to reassure public following Wikileaks hack

Read: Trump targets critic by name on Twitter after Republican backlash to his health plan

  • Share on Facebook
  • Email this article
  •  

About the author:

AFP

Read next:

COMMENTS (83)

This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
write a comment

Leave a commentcancel

Most Popular Today

Trending Tags