Caution: Everything Smart can be hacked!
How CIA can spy you from your SmartTV and other smart gadgets and bypass smartphone encryption apps.
What just happened with the recent WikiLeaks concerning CIA can be called an Electronic 9/11, because of the WikiLeaks's vault7 release. Now the obvious question is — what is vault7? Code-named 'Valut7' by WikiLeaks, is the largest ever publication of confidential documents on CIA containing a substantial collection of materials about their activities especially in the cyberspace.
To understand how big this leak was, consider these numbers — it is the first full part of the series they call "Year Zero", which comprises of 8,761 documents and files from an isolated, high security network situated inside the CIA's Center of Cyber Intelligence in Langley, Virginia.
The leak discloses the cyber capacity of the agency and also shows the extent to which CIA can go, to have access to information, critical information.
The kind and the scale of these cyber weapons was such that even the CIA lost control of majority of its hacking arsenal which includes state of the art malware, viruses, Trojans and weaponised zero day exploits which can be worth millions of dollars each in dark web.
Let’s focus on how CIA can spy you from your SmartTV and other smart gadgets and bypass smartphone encryption apps.
So let's understand that what they can hack and what you can do to defend.
Smart TV
In this leak, the first instance we must remember is the attack on Samsung smart TVs, it was developed in cooperation with the United Kingdom's MI5/BTSS.
Attack: So to hack the smart TV, there is an option called 'Fake - OFF' mode, once it's activated the owner of the TV by Pressing {{MUTE}} + {{POWER}} will imagine that the TV has been switched off while that is not the case. Hence Fake-Off is working as a bug and can record conversation, click pictures from the TV camera in the room and send them over to the internet to the CIA servers. This was what the release also highlighted in terms of hacking the Smart TV. But wait, what's the catch in it?
Our Views: As per documents you can only update the Smart ST software running on the TV using a USB drive, as a result of which there's no proof of performing this attack remotely if connected to the internet. So one thing is clear that they must have tricked the user to update a malware-based software update to take control over the Smart TV.
What you can do: Nothing actually, just download the firmware of the Smart TV or any update only from the website of the vendor, in this case, Samsung only. Do not install any kind of driver software or updates from any other website, which does not belong to the TV brand.
Smart cars
This is a very critical hack, as the leaks mentioned, during October 2014, the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.
Our Views: As this leak was released, our R&D team dug into the technical possibility to ensure how this kind of a hack can be performed, and the answer was that the physical access of the car was necessary. In the words of a hacker, a device can be plugged into the OBD port of the smart car that updates the firmware (Standalone OS) and can cut the interaction with the brake system.
What you can do: Just do not let anyone plug any device to your car and make sure you also know what you are installing and updating via any plug and play device.
Smart Phones
The CIA's Mobile Devices Branch developed a range of smart phone hacking and spying tools and techniques to remotely hack, and control the world’s most popular smartphones and tablets mostly running on Android and iOS.
Why Android: Because Google's Android platform is used to run the majority of the world's smart phones (~85 per cent) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year. "Year Zero" shows that as of 2016 the CIA had 24 "weaponised" Android "zero days," which it had developed itself and obtained from GCHQ, NSA and cyber arms contractors.
Why iOS: iOS held 14.5 per cent of the global smartphone market in 2016. CIA's arsenal includes numerous local and remote "zero days" developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop. The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites, which are the high value targets to spy on.
Attack: There are many ways they can infect your device, via SMS, via URL , social engineering or by tricking a user on Android platform to install an APK which will need certain permissions. Once infected, and hacked, phones can be used to transmit their “geolocation, audio and text communications” directly to the CIA without the user’s knowledge. In addition, the CIA can remotely activate the phone’s microphone and camera once it’s infected.
As per the leak, WikiLeak stated that CIA can bypass encryption of WhatsApp and other popular messaging services, which can be possible because once the OS is compromised, you can remotely listen to microphone directly, encryption techniques like end to end encryption only comes to play when the voice data goes out from the device over the internet. In this case if the smartphone is hacked, the attacker can directly listen to microphone before it goes to any application such as WhatsApp, Telegram and so on, for encryption.
What you can do: Make sure you do not install any application except from Play Store and even while installing an application from Play Store, make sure to see the permissions the application is asking for at the time of installation.
Windows, Linux, Mac OS, routers
In the leak it's clear that CIA's focus after smartphones is the Microsoft Windows operating system platform, with its malware. This includes various kind of local and remote weaponised Zero day Exploits such as "Hammer Drill," which infects software distributed on CD/DVDs, infectors for removable media such as USBs. To make this attack possible in an automated way, CIA's Automated Implant Branch (AIB) has developed several attack systems for automated infection and control of CIA malware, such as "Assassin" and "Medusa". These automated methods make it very easy and quick to execute the exploit. As soon as someone plugs a pen drive or any other removable device, the malware will execute automatically without any notification. Now you must be thinking about your antivirus protection that you had installed, so to bypass this antivirus protection CIA crypted the virus code and came up with new signatures, which antiviruses would not have in their database, making it easy to bypass your antivirus.
The CIA has developed automated multi-platform malware attack and control systems covering Mac OS X, Solaris, Linux and more also such as EDB's "HIVE" and the related "Cutthroat" and "Swindle" tools.
What you can do: Make sure you buy original software and do not install any other local software, download free pdf, listen to free music or watch a free movie. These are the possible areas where you can accidently download any infected file, like above, which may be transmitted over the internet.
The new leaks are a testament to the fact that in the digital world, always remember that you are being watched. There is nothing called 100 per cent security, no matter what anti-virus or other protective measures you use. The only way is to be aware and learn more each day about the cyber space.
These leaks are a great leap in the debate of privacy Vs national security, which will take a new stage.
—by Rahul Tyagi, VP, Lucideus.