The CIA’s Weeping Angel, Vault 7 and the threat to personal privacy
More than two weeks after Wikileaks exposed the US Central Intelligence Agency’s arsenal of more than 1,000 hacking weapons, glaringly absent are answers to questions such as what and whose agenda spy agencies like the CIA actually serve.
Mysteriously banished to mainstream media sidelines is one of the biggest stories of recent times. The March 7 Wikileaks revelations would prompt the question whether covert intelligence agencies have become an uncontrolled power within governments.
Conspicuously missing are accountability answers such as who safeguards against misuse by shadowy super-snoopers like the CIA’s Center for Cyber Intelligence in Langley, Virginia? Who monitors its output of cyber weapons, viruses, malware, and intrusive devices like “Weeping Angel” that turn television sets and smart phones to spy tools?
Searching for the word “terrorist” in the first batch of 8,761 documents and files from “Vault 7” — Wikileaks’ name for the largest ever publication of CIA documents — fetched “zero results.”
Who are the targets of more than 5,000 CIA personnel using “zero day” hacking tools to turn Apple iPhones, Samsung TVs, Microsoft Windows, Google’s Android platform into spy weapons — with the obvious potential to undermine, compromise and control democratically elected governments?
“As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks,” said the Wikileaks press release. “The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.”
Wheels within wheels. Power centers within power centers. Anyone dismissing as a conspiracy theory the existence of the “deep state” — secretive forces within a government — might want to read “Vault 7” and its implications. No one has yet questioned the authenticity of “Vault 7” contents, not even the CIA.
CIA headquarters in Langley, Va. needs a thorough cleaning.
Wikileaks said its anonymous source behind “Vault 7” wants to start an “urgent public debate” about “the security, creation, use, proliferation and democratic control of cyber weapons.” Additionally, “whether the CIA’s hacking capabilities exceed its mandated powers, and the problem of public oversight of the agency”. How much was former US president Barack Obama aware of what the CIA was doing?
The president nominates the CIA director (John Brennan was director from March 7, 2013 to January 20, 2017) with senate confirmation. The director, who manages operations, personnel and budget, reports to the director of national intelligence and interacts with the DNI, Congress and the White Office. “Vault 7” spans the years 2013 to 2016.
The first phase of “Vault 7” already reads like a nightmare featuring privacy-murdering monsters with the potential for criminal mischief. Weeping Angel, for instance, can put a targeted TV in a ‘Fake-Off’ mode, fooling the owner into thinking the smart TV is off, It can record conversations in the room and send them by the Internet to a CIA server. Whose conversations has “Weeping Angel” been covertly recording?
The core question is one of volition; beneficial or harmful results arise from good or bad volition. Are there safety checks ensuring legitimate reasons to use “Weeping Angel” and its cousins — “MaddeningWhispers,” “Sparrowhawk,” “Bee Sting,” “Taxman,” and “Fight Club?”
The question of motive shouts louder with CIA tools like ‘WreckingCrew’ — a “list of ideas for fun and interesting ways to kill/crash a process.” CIA user #71473 (WikiLeaks masked names) suggests “fun” uses for “WreckingCrew:” “Kill pesky processes in unit tests that don’t want to die normally. Troll people.” These mischievous, cartoonish hackers might merit a new moniker — “hackoons.”
User #71473’s homepage offers clues into the mindset that created “Weeping Angel” and “WreckingCrew.” User #71473 professes to be an expert on “Identifying Windows MBR (Master Boot Record) boot disks and trashing their MBRs in interesting ways.” Who is “their?”
User #71473 links to the source behind names like “Weeping Angel” that fill “Vault 7”: User #77011’s “awesome tool names page” suggests “Mendicant Engineer” be “reserved for the next tool delivered during a gov’t shutdown” (referring perhaps to the US federal government shutdown over the budget stalemate in October 2013).
“Vault 7” reveals that the Internet of Things is among the targets of CIA infiltration (2014-10-23 Branch Direction Meeting notes) — as part of the evolving complexities in communication technology.
From April 3, 1860 until the telegraph arrived in 1861, daring Pony Express riders carried mail from the Atlantic to Pacific coasts, from Missouri to San Francisco, across Kansas to California, past crowds in towns cheering the rider galloping through.
William Frederick (Buffalo Bill) Cody (1846 – 1917) was a Pony Express rider. Virtually instant 21st-century communication and electronic mail face a different, deadlier threat.
More than 150 years later, faster, more efficient and complex communication gives rise to encryption tools like Tor to protect privacy. It also spawns advisories such as the Deutsche Welle article ‘Seven ways to keep the CIA out of your home’. Anti-hijacking measures such as covering a webcam lens and switching off power to Internet-connected gadgets are also commonplace tips to guard privacy.
Using privacy-protecting devices to keep out cyber criminals can help foster a life free from insecurity and without the threat of “Weeping Angels.” But taxpayer-funded snoops should hear this message: “I don’t fear you because I have nothing to hide.” The truth can never be hidden forever, and those harming others harm themselves first.