WikiLeaks "Vault 7" part one: "Year Zero"

07/03/2017

WikiLeaks begins a new series of leaks on the U.S. Central Intelligence Agency. With the codename "Vault 7", it is the largest publication of confidential documents on the agency.

WikiLeaks got the portion of the data from archive that appears to have circulated among former U.S. government hackers and contractors in an unauthorized manner. It has several millions lines of code that contains CIA's hacking arsenals: malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation.

The first full part, called "Year Zero", comprises of 8,761 documents and files taken from an isolated and high-security network inside CIA's Center for Cyber Intelligence in Langley, Virgina. It also includes 7818 web pages with 943 attachments from the internal development groupware

While the "Vault 7" includes information obtained in the period between 2013 and 2016 with an introductory disclosure of the CIA targeting French political parties and candidates in the lead up to the 2012 presidential election, the "Year Zero" which is the first part, focuses more on recent events,

Julian Assange, WikiLeaks editor stated that:

There is an extreme proliferation risk in the development of cyber 'weapons'. Comparisons can be drawn between the uncontrolled proliferation of such 'weapons', which results from the inability to contain them combined with their high market value, and the global arms trade. But the significance of "Year Zero" goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective."

After reviewing the "Year Zero" disclosure, WikiLeaks concluded that it was used on attack attempts to tens of thousands of CIA targets throughout Latin America, Europe and the U.S..

According to its analysis, the CIA malware and hacking tools are built with EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA's DDI (Directorate for Digital Innovation). EDG has created and developed, as well as tested and operated on all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide.

Targets include Windows, OSx, Linux, routers, iPhone, Android, smart TVs

While WikiLeaks is aware of the imperfect results of any approach chosen to verify the sources, it remains committed to its publishing model and note that the quantity of published pages in "Year Zero" already eclipses the total number of pages published over the first three years of the NSA leaks by former contractor and whistleblower Edward Snowden.