Apple, Google, Microsoft and Samsung and industry analysts scrambled yesterday to assure consumers that Big Brother and Sister were not listening in on their dinner plans —
particularly if they’ve updated their devices with the latest operating system updates — in the wake of WikiLeaks’ release of confidential CIA documents it has dubbed Vault 7.
In publishing the first part of the series, “Year Zero,” WikiLeaks writes that altogether it has 8,761 documents and files from a
high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Va.
“‘Year Zero’ introduces the scope and direction of
the CIA’s global covert hacking program, its malware arsenal and dozens of ‘zero day’ weaponized exploits against a wide range of U.S. and European company products, include
Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones,” according to its release.
advertisement
advertisement
WikiLeaks
purportedly obtained the information from an anonymous (and so-far unverified) source who “wishes to initiate a public debate about the security, creation, use, proliferation and democratic
control of cyberweapons.”
“We do not comment on the authenticity or content of purported intelligence documents,” CIA spokesman Jonathan Liu has emailed anybody
who asked.
The idea that spies could listen in on conversations by tapping into devices such as smart TVs and Amazon Echoes seems to be particularly rattling as the practice would
expose an entire household — and visiting grandmas — to cyber-spying.
“The data trove threatens to reprise the public distrust of tech companies that hit a
peak when ex-federal contractor [Edward] Snowden revealed NSA spying and collaboration between the government and Internet and phone companies used by millions. Waving the flag of consumer privacy,
tech companies have been trying to repair the brand damage since,” observes Jon Swartz for USA Today.
First,
“It’s important to note that, according to the CIA, the agency is ‘specifically prohibited from collecting foreign intelligence concerning the domestic activities of U.S.
citizens,’” Chris Morran reminds us in The
Consumerist.
“The WikiLeaks document describes the hacking of individual, targeted devices. Judging by the information posted on WikiLeaks, the CIA needed to plug a USB
drive into a television to get the hack to work. While some say it's likely that the CIA was also developing the ability to get into televisions remotely, as Forbes reported, there isn't proof that they've
succeeded,” Hayley Tsukayama writes for the Washington
Post.
“For the vast majority of us, this does not apply to us at all,” Jackdaw Research analyst Jan Dawson tells Tsukayama. “There's no need to worry for any
normal law-abiding citizen, based on what I've seen.”
“Apple's statement was the most detailed, saying it had already addressed some of the vulnerabilities,” the
BBC reports.
“The technology built into today's iPhone represents the best data security available to consumers, and
we're constantly working to keep it that way,” it says. “Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80% of users
running the latest version of our operating system. While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly
address any identified vulnerabilities.”
“Samsung, whose smart TVs had been compromised, according to the report’s claims, said ‘protecting consumers’
privacy and the security of our devices is a top priority’ and that it was looking into the matter. It declined to comment on whether it knew about vulnerabilities in its smart TVs or about
snooping from foreign agencies,” Madhumita Murgia, Hannah Kuchler and Bryan Harris write for Financial
Times.
They add that Lee Seung-woo, analyst at IBK Securities, “played down the impact of the WikiLeaks report on Samsung,” saying: “The allegations underline
the basic risks of using smart devices, rather than Samsung’s faults.”
“For LG, the episode underscores the need for strong product security,” reportCNET’s Laura Hautala and Alfred Ng.
“Digital
privacy isn't just an LG concern, it's an industry-wide issue that needs to be tackled by everyone who has a stake in the system, which is why we are completely committed to working with other
industry players to make sure that consumers are protected to the fullest extent that today's technology will allow,” it said.
As for Microsoft, “We're aware of
the report and are looking into it,” it emailed.
Heather Adkins, Google’s director of information security and privacy, tells BuzzFeed News’ Sheera
Frenkel and Hamza Shaban: “As we’ve reviewed the documents, we’re confident that security updates and protections in both Chrome and Android already shield users from many of these
alleged vulnerabilities. Our analysis is ongoing and we will implement any further necessary protections.”
Unless you’re up to something nefarious, it presumably
all boils down to this NBC headline over an AP story:
“Experts: Don’t Dump Devices Over WikiLeaks CIA Docs.”