Some of the US intelligence community’s most closely guarded cyber-secrets have been put online.
The WikiLeaks dump of more than 8000 documents includes secret Central Intelligence Agency (CIA) code to steal data and turn everyday devices such as cellphones, computers and television sets into weapons to snoop on the user.
The documents were purportedly taken from the CIA’s Center for Cyber Intelligence.
Experts who’ve started to sift through the material say it appears legitimate, and that the release is certain to shake the CIA.
It includes claims the spy agency had worked on a system to “infect” the system of modern vehicles, allowing it to carry out “largely undetectable assassinations”.
“As of October 2014 CIA was also looking at infecting the vehicle control systems used by modern cars and trucks,” WikiLeaks claimed.
“The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.”
“There’s no question that there’s a fire drill going on right now,” said Jake Williams, a security expert with Augusta, Georgia-based Rendition Infosec. “It wouldn’t surprise me that there are people changing careers – and ending careers – as we speak.”
Bob Ayers, a retired US intelligence official working as a security analyst, said the release was “real bad” for the agency.
If the authenticity of the dump were officially confirmed, it would represent yet another catastrophic breach for the US intelligence community at the hands of WikiLeaks and its allies, which have repeatedly humbled Washington with the mass release of classified material, including hundreds of thousands of documents from the US State Department and the Pentagon.
WikiLeaks, which had been dropping cryptic hints about the release for a month, said in a lengthy statement that the CIA had recently lost control of a massive arsenal of CIA hacking tools as well as associated documentation.
The organisation said “the archive appears to have been circulated among former US government hackers and contractors in an unauthorised manner” and one of them “provided WikiLeaks with portions of the archive.”
Jonathan Liu, a spokesman for the CIA, said: “We do not comment on the authenticity or content of purported intelligence documents.”
Williams, who has experience dealing with government hackers, said that the files’ extensive references to operation security meant they were almost certainly government-backed.
“The only people who are having that conversation are people who are engaging in nation-state-level hacking,” he said.
The documents covered a range of topics, including what appeared to be a discussion about how to compromise smart televisions and turn them into improvised surveillance devices.
WikiLeaks said the leaked data also included details on the agency’s efforts to subvert American software products and smartphones, including Apple’s iPhone, Google’s Android and Microsoft’s Windows.
A substantial library of digital espionage techniques borrowed from Russia and other countries was in the data as well, WikiLeaks said.
Ayers noted that WikiLeaks had promised to release more CIA documents, saying the latest publication was just “the first full part of the series.”
“The damage right now is relatively high-level,” he said. “The potential for really detailed damage will come in the following releases.”