The eighth installment of the largest hack on Earth was revealed by Wikileaks. You guessed it, it’s Vault 8, and it’s another installment of the CIA’s secret weapons stolen by Snowden.
If you believe in conspiracies, you might think the timing was convenient, as the entire nation is more focused on Louis C.K.’s sexual harassment accusations than on anything else.
Not only that, it feels like we are desensitizing ourselves to the CIA’s incredible cyber weaponry. What else are we going to find out? That they can spy on us in the bathroom? (Which they obviously do already.) This time round, Wikileaks revealed the source code of the CIA’s Hive, a tool the agency used to control its malware. It’s like an advanced command-and-control server that was used to remotely control several of its cyber weapons.
Using Hive, the CIA could tell its malware to infect the targeted computers, extract information and send it back to HQ via the server. It can be used by many CIA operators to remotely control multiple malware implants used in different covert operations.
In fact, this technology is so stealthy that the whole thing is fronted by a fake website hosted on a commercial VPS (Virtual Private Server), so if an outsider found the malware and investigated it, they would never be able to tie it to the agency.
What’s even cooler is that the CIA was using fake Kaspersky IDs to make the server seem harmless and pass through networks undetected. Kaspersky Lab did confirm that this was the case, that the IDs were forged and that none of their customers’ private information is in danger.
As WikiLeaks put it: “(By) Using Hive even if an implant is discovered on a target computer, attributing it to the CIA is difficult by just looking at the communication of the malware with other servers on the internet”.
The bad news is that this code is now published and available for anyone to learn about, duplicate, and restructure as much as they wish. Investigative journalists and cyber tech experts will jump at the opportunity, but so will hackers of all stripes and colors.
The good news is that WikiLeaks claims the leak only contains software designed to run on servers controlled by the CIA, and that there will be no more leaks of any zero-day vulnerabilities that could be abused by others. Promises, promises.
Anyone could pick up the source code, change it up a bit, set up their own secure private servers and run the program. It’s a great debate that strikes at the core of the divisiveness of the country right now: whether these leaks are the public’s right to know, or whether we need to let the CIA do its job and protect us from outside cyber threats.
The CIA continues to say it has no comment on the authenticity of the leaked documents, while former NSA hackers warn that several of the tools can be used by hackers to strike us where it hurts.