Vault7: Are Your Bitcoins Safe?
After the Vault7 release by Wikileaks, Cointelegraph offers advice on how to secure your devices in the age of global surveillance.
Vault7 is the codename WikiLeaks gave to a planned series of releases of documents detailing the electronic surveillance and cyber warfare practices of the CIA.
The famous whistleblowing website claims that it is going to be “the largest ever publication of confidential documents on the agency.”
Part one of the series, codenamed “Year Zero,” was released on March 7, 2017. It is a set of over 8,000 documents that offers some alarming evidence of the CIA’s ability to hack into various electronic devices and use them for surveillance and cyber warfare activities.
What is worse is that the reports of the CIA’s hacking arsenal are said to circulate among former contractors and hackers of the US government in an “unauthorized manner.” That means that they could have been seen and used by potential malicious actors outside of the agency.
This is a new development in the ongoing process of uncovering the extent of the reach that the United States’ intelligence agencies have over the private data of both the US citizens and foreign nationals. It started in 2013 with Edward Snowden revealing the details of such programs as PRISM and XKeyscore employed by the US National Security Agency (NSA) for global surveillance.
Now the Year Zero has revealed that the CIA possesses similar capabilities when it comes to cyber surveillance and warfare.
Specific tools at the CIA’s disposal
Here is a non-comprehensive list:
- Smartphone traffic interception. Allegedly, the CIA can plant their software both onto iOS and Android operating systems of modern smartphones. After a device is compromised, the CIA can then intercept outgoing traffic, such as audio and instant messages, before it is encrypted by the phone.
Even the messaging apps which offer end-to-end encryption, such as Telegram, WhatsApp and Signal, may be jeopardized, as there is a chance that the agency’s software is able to bypass their encryption by using keylogging.
- It has been reported in Year Zero that the CIA was looking into the possibility of hacking AI-controlled vehicles. Although there is no solid proof that the agency does possess such capabilities, if it did, it would “permit [them] to engage in nearly undetectable assassinations.”
- Weeping Angel. This piece of cyber weaponry is allegedly able to infect Samsung Smart TVs and turn them into covert listening devices. A compromised television set can put itself into a “fake-off” mode, where it appears to have turned off, but is still able to use its microphone to record conversations in the room and then transmit them to the CIA, all unbeknownst to the owner.
- PC backdoors. Year Zero has referred to CIA’s capabilities of infecting computers which run on the Windows XP, Windows Vista and Windows 7 operating systems. Compromised systems can then be used to hide other malicious software under the DLL of legitimate applications. And before you get the idea of switching to Mac OS or Linux - those are reported to be affected too.
Am I being spied on?
There is a good chance that you own at least one device which may be affected.
Smartphones that run on the Android and iOS operating systems, Windows, Mac OS and Linux computers, Samsung Smart TVs - especially the separately mentioned Samsung’s F8000 series - have all been reported to have associated surveillance software developed for them.
It is important to note, that unlike the bulk data collection which the NSA engages in - according to Edward Snowden’s leaks - the tools revealed by the Year Zero report are more likely to only be used for targeted surveillance. That means that if you aren’t on terrorist or criminal lists, the CIA is unlikely to be using its arsenal of cyber weapons to spy on you.
However, the software still has its vulnerabilities and the fact that the exploits are circulating among contractors outside of the agency means that your devices may potentially be compromised by non-government actors, like, for example, hackers looking to access your private data.
What can I do to enhance the security of my devices?
Based on the advice by several security experts, here are some of the precautions you make take to protect your electronic devices.
- First of all, make sure to update the operating systems of your gadgets to their latest versions. Android, iOS, Windows and others are all regularly patched by the respective companies in order to fix the discovered security weaknesses. That means that having the latest version of the OS installed minimizes the risk of the CIA or other agents being able to use the backdoor to spy on you. Some of the older models of the smartphones do not support the latest security updates - in that case, it may be the time to switch to the latest models.
- Install an antivirus program on every device where one is available. It is known that some of the backdoors in our gadgets are put there by the actual developers, in collusion with the intelligence agencies. Because of that, those backdoors are unlikely to be eliminated by the security updates to the operating systems. However, antivirus companies do not have a stake in keeping the security flaws alive - on the contrary, their reputation depends on being able to eliminate them. That means that if it is at all possible to patch a certain hole in the security of a device - a good antivirus is going to do it.
- Don’t let strangers get unauthorized access to your devices. It has been revealed in the leaks, that physical presence may be needed in order to initially infect a device with CIA’s spyware.
- Make sure that you use messaging apps which offer end-to-end encryption of communications - such as WhatsApp or Telegram. That way, even if your device is compromised, your conversation will have a higher chance of remaining private, compared to using less secure applications.
- If you own a Samsung Smart TV - feel free to unplug it after use. The CIA is unable to use electronic devices with no power supply - yet.
What can you do to really stay off the radar?
If everything else fails, go the pre-industrial way: ditch all electronics and hide in the woods.
We have outlined some of the ways to beef up the security of your devices, but it may still not be enough. Maybe, the tools revealed in the Year Zero are just a tiny fraction of what the CIA has at its disposal. Or maybe they are old backdoors, which have been replaced with newer, much more advanced ones - the ones, which you can’t do anything about.
Well, in that case, there is really only one thing you can do in our technology-ridden world - get rid of all electronic devices and go live in the woods. Here are some of the best practices for surviving in the wild.
It basically boils down to keeping in mind the four basic needs for survival:
- Shelter. Depending on available materials, the level of preparation and outside temperature, it can be anything: a tent, a wigwam, an igloo, or a cave. If you are using a natural shelter, make sure there are no bears sleeping in it, before making it your new home.
- Fire. Actually, scratch that. Smoke plumes can reveal your location and, ultimately, lead the CIA back to you. Learn to eat your food raw.
- Food. Try your best not to starve: consume plants (just not the poisonous ones), mushrooms, fish. Also, improvise: you can create weapons from almost anything, including condoms, to hunt both game and possible CIA spooks.
- Water. Just don’t settle near rivers in Flint, Michigan, and you should be OK as far as water goes.