George Orwell, in his famous work 1984, depicted a dystopian country, Oceania, ruled by Big Brother, the leader of the dictatorship that governs it. The oppressive regime of Oceania keeps a watchful eye on its citizens using cameras, much like today’s CCTV. Telescreens, along with microphones, are placed in every apartment, and through them Big Brother broadcasts his propaganda to strip people of their individuality. Not only is criticizing Big Brother a punishable offence, but even thinking of this grave act can send you behind bars. The Thought Police are always vigilant and always ready to send to his grave anyone they perceive to be engaged in unlawful activities. It is a secret agency, just like the nefarious KGB (the USSR’s secret service), without which Big Brother could not dream of ruling Oceania without any signs of rebellion.
On March 7, 2017, WikiLeaks opened Pandora’s box by starting a new series of leaks, code-named ‘Vault 7’, on the U.S. Central Intelligence Agency. It is the largest ever publication of confidential documents on the agency.
The first full part of the leaks, “Year Zero”, comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virginia. It contains information on the CIA’s global covert hacking program, under which a wide range of products, including Apple’s iPhone, Google’s Android, Microsoft’s Windows and even Samsung TVs, are turned into covert microphones.
CIA hacking tools are built by the EDG (Engineering Development Group), a software development group within the CCI (Center for Cyber Intelligence), a department that belongs to the CIA’s DDI (Directorate for Digital Innovation). The DDI is one of the five major arms of the CIA. The EDG is responsible for the development, testing and support of all malware, backdoors, exploits, Trojans and viruses used by the CIA in its covert operations all around the world.
The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s secret service, MI5. Once the malware is on the TV, it puts the set into a ‘Fake-Off’ mode, fooling the owner into believing the TV is off when it is on. It records conversations in the room and sends them to a secret CIA server. The leaks also reveal that the CIA was looking to build malware for the vehicle control systems used in modern cars and trucks. It is most likely that the agency wants to convert vehicle control systems into assassination devices.
The CIA’s Mobile Devices Branch (MDB) developed numerous pieces of malware to hack and control smartphones made by global giants. Infected phones can be used to covertly send the CIA the user’s geolocation, audio and text communications. The malware can also activate the phone’s camera and microphone. A specialized unit in the CIA’s Mobile Development Branch develops malware to infest and suck data from iPhones and iPads. The special focus on iOS may be explained by the popularity of the iPhone in social, political, diplomatic and business circles.
Devices running Google’s Android are not left untouched by the CIA. As of 2016, the CIA had 24 Android “zero days” (malware), some of which it developed itself and some of which it obtained from the NSA.
In January 2010, IAEA officials responsible for monitoring Iran’s nuclear program noticed that workers at the Natanz nuclear plant were replacing centrifuges very frequently. This was very odd, as each centrifuge has a life expectancy of about 10 years and yet around 2,000 of them were replaced. It was later revealed that the cause was a virus, ‘Stuxnet’, that had been smuggled into the plant on a pen drive. Stuxnet was developed during the Bush era to deter Iran from pursuing its nuclear aspirations. It is alleged that the malware was a collaborative byproduct of the USA and Israel.
The CIA can bypass the encryption of social messaging applications like WhatsApp, Telegram and Weibo. The CIA also targets Microsoft Windows users with its malicious spy software. Apart from “zero days”, there is another virus, “Hammer Drill”, which infects software distributed on DVDs and removable media devices such as USBs. Many of these infection programs are planned by the CIA’s Automated Implant Branch (AIB), which has developed several attack systems for automated infestation with the CIA malware “Assassin” and “Medusa”.
It is evident that cyber malware cannot be kept under effective control. Nuclear programs around the world can be kept under strict monitoring and restrained because of the enormous costs and visible infrastructure involved in assembling fissile material to produce a critical nuclear mass. This is not the case with cyber weapons. Cyber weapons are in fact more dangerous than nuclear weapons in the sense that they can be pirated very easily. In the modern world, information is power. Since cyber weapons consist entirely of information, they can be copied quickly at no marginal cost.
Securing such ‘weapons’ is particularly difficult, since the same people who develop and use them have the skills to smuggle them out without leaving traces. These weapons are double-edged swords that can be used against the organizations that produced them. If these malicious programs fall into the wrong hands, they can be sold to any other country or terrorist organization for hundreds of thousands to millions of dollars. Companies that obtain such malware can sometimes use it in their vested interests to gain an advantage over their competitors.
According to WikiLeaks, this leak is just the tip of the iceberg; much is yet to be revealed.
Orwell wrote “Who controls the past controls the future. Who controls the present controls the past” in 1984. In its quest to control the future, the CIA should not act as a Big Brother. A totalitarian power exerts influence over its subjects through fear, by conveying the message that it is omnipresent and omnipotent, which often leads to disastrous consequences.
The United States must be wary of that.