Wikileaks: CIA Hackers Have 22,000 ‘Possible Targets’ and ‘Attack Machines’ in US

March 8, 2017 Updated: October 5, 2018

The Central Intelligence Agency is running a massive hacker enterprise that may include targets in US, according to anti-secrecy website Wikileaks, which released close to 9,000 purported CIA documents and files on March 7. The CIA has neither confirmed nor denied the authenticity of the documents.

The documents show that the CIA employs a legion of hackers who develop tools to exploit security gaps of computers (both PC and Mac), cell phones (both iOS and Android), and even smart TVs, which can be used to spy on CIA targets.

The source of the documents wanted to spark public debate over “whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency,” Wikileaks stated in a press release.

Based on the documents, Wikileaks identified tens of thousands of “CIA targets and attack machines throughout Latin America, Europe and the United States.”

These include “thousands of routable IP addresses references (including more than 22 thousand within the United States) that correspond to possible targets, CIA covert listening post servers, intermediary and test systems.”

This raises the question of whether the CIA overstepped its mandate, as the agency is responsible for foreign intelligence and shouldn’t be spying domestically.

The CIA denied it engaged in any domestic spying in a March 8 statement.

“CIA is legally prohibited from conducting electronic surveillance targeting individuals here at home, including fellow Americans, and CIA does not do so,” the agency stated.

The documents raise a number of other red flags. For example, CIA hackers purportedly had access to unknown vulnerabilities in computer and cell phone operating systems, but didn’t alert the systems’ developers, leaving the gaps open for exploitation by other attackers.

“If the CIA can discover such vulnerabilities so can others,” Wikileaks noted.

Even more disturbingly, the whole set of hacking tools “have been circulated among former U.S. government hackers and contractors in an unauthorized manner,” Wikileaks wrote. “[One of them] has provided WikiLeaks with portions of the archive.”

The hackers, according to the documents, also developed ways to make their attacks look like the work of other hacker groups.

If the tools indeed leaked, counter-intelligence groups and agencies may need to find new ways to determine the origins of any future cyber attacks.

While the NSA is known for running cyber intelligence operations, Wikileaks claims the CIA has been able to develop a cyber intelligence apparatus that rivals that of the NSA and allows the CIA to conduct such operations independently, “with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.”

Follow Petr on Twitter: @petrsvab