By Marcos Colón
March 8, 2017
A trove of sensitive documents belonging to the Central Intelligence Agency that details its “entire hacking capacity” has been publicly leaked.
The data dump made available by whistleblower website WikiLeaks, collectively titled Vault 7, includes 8,761 documents and is the “largest ever publication of confidential documents on the agency,” according to a release on its website.
From zero-day vulnerabilities that target Android and iOS devices to exploits aimed at compromising smart TVs, network routers, and vehicle control systems in smart cars, the information provides an in-depth look at the tools and tactics the agency leverages to spy on adversary systems and networks.
While the security industry is not surprised by the details of the leak, what’s cause for concern is how valuable the information is to novice cyber criminals, says Omer Schneider, CEO at security firm CyberX.
“The main issue here is not that the CIA has its own hacking tools or has a cache of zero-day exploits,” Schneider said in an emailed statement to Infosec Insider. “Regardless of the motives for publishing this, our concern is that Vault7 makes it even easier for a crop of new cyber-actors to get in the game.”