Disturbing New WikiLeaks Dump Shows Just How Vulnerable We Are to Hacking


Article Image

Okay, so maybe Big Brother is watching you.

It turns out that even apps like WhatsApp, Signal, Confide, and Telegram, which are all seen as strong for privacy and encryption, are vulnerable to hacking. In a disturbing new revelation, we are learning that hackers may have the capability of capturing audio and messaging date before the encryption takes place.

Can you hear me now? (Yes.)

WikiLeaks logo (Fair Use)

In what may become the largest release of top-secret CIA information, WikiLeaks just released 8,761 documents and files that detail the agency’s extensive hacking tools. This initial data dump, referred to as Year Zero, is the first installment in what is being nicknamed Vault 7. If WikiLeaks’ assertions are Vault 7 are correct, the release would be a greater amount of information than gleaned from Edward Snowden.

Credit: Getty Images

While the CIA has not confirmed Vault 7’s authenticity, it has not currently issued a denial of its veracity. We also do not know if the stockpile derived from a former CIA employee or contractor, it whether Vault 7 itself derives from hacking by a foreign government.

Vault 7 is showing us just how vulnerable we are to hacking.

The long-term ramification from this latest WikiLeaks revelation could be an erosion of faith that our popular tech tools are secure. Whether it be using an iPhone or watching a show on a smart tv, we may become more skeptical that our tools are not being used against us.

Credit: Getty Images

There has been a low-running tension between consumers, the government, and the tech industry. Each group has their own interests, and they are often at odds.

The general public has a desire not to be hacked, and the government has a desire for hackable tech. The tech industry has a desire to make money, which typically involves ensuring consumers that their products will not be hacked.

This initial release by WikiLeaks showcases the tremendous amount of resources that the CIA has put into ensuring that our popular devices, whether they be Android or Apple, have certain back-door vulnerabilities. While it is generally understood that the government works with major tech companies to notify the company when a vulnerability has been found, this data dump by WikiLeaks implies that the CIA is not only not telling companies about vulnerabilities, but has also been actively pursuing to find and purchase additional flaws.

“Governments should be safeguarding the digital privacy and security of their citizens, but these alleged actions by the CIA do just the opposite. Weaponising everyday products such as TVs and smartphones – and failing to disclose vulnerabilities to manufacturers – is dangerous and short-sighted.” -Craig Fagan, policy director for the World Wide Web Foundation (speaking to the BBC)

Credit: Getty Images

The problem, of course, is what happens when bad actors exploit vulnerability flaws? The initial release of Vault 7 (Year One) seems to represent a playbook of sorts. That playbook is now out of the proverbial locker room.

“Those vulnerabilities will be exploited not just by our security agencies, but by hackers and governments around the world. Patching security holes immediately, not stockpiling them, is the best way to make everyone’s digital life safer.”-Ben Wizner, director of the American Civil Liberties Union’s Speech, Privacy, and Technology Project, speaking to The New York Times

While companies like Apple are already asserted that they have patched the problems listed in WikiLeaks, it is our faith that our products are secure that may be more difficult to fix.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: