07:37 GMT +323 August 2017
Live
    The lobby of the CIA Headquarters building in McLean, Virginia.

    CIA Hackers: Why WikiLeaks 'Vault 7' Becomes a Wake-Up Call For Users, IT Giants

    © REUTERS/ Larry Downing
    Politics
    Get short URL
    'Vault 7': WikiLeaks Exposes CIA's Global Covert Hacking Program in Largest Ever Leak (43)
    62102297

    The world's IT giants are scrupulously analyzing the latest WikiLeaks' disclosure of the CIA hacking practices, and signaling that many of the vulnerabilities mentioned in the leaked reports have already been patched. However, it appears that it's too early to heave a sigh of relief.

    The release of the much discussed Vault 7 has become a wake-up call for computer users and IT giants: this time WikiLeaks, an international non-profit organization that publishes secret information from anonymous sources, has unveiled how the mighty CIA has been hacking the entire world.

    The files, leaked by the non-profit organization, indicate that for years the CIA has been methodically seeking and exploiting vulnerabilities in globally-famous software and hardware platforms in order to take control over them.

    According to the documents, the CIA hacking group possessed tools allowing them to infect a target computer bypassing PSPs (Personal Security Product).

    For instance, one of the files, entitled "Kaspersky 'heapgrd' DLL Inject," describes Russian cybersecurity provider Kaspersky Lab's PSPs vulnerabilities.

    "The Kaspersky AVP.EXE process references a DLL called WHEAPGRD.DLL. This DLL is supposed to be located in one of the Kaspersky directories (which are protected by the PSP). Due to a UNICODE/ASCII processing mistake, the DLL name is prepended with the Windows installation drive letter, rather than the full path to the DLL. For typical installations, this causes Kaspersky to look for the DLL 'CWHEAPGRD.DLL' by following the standard DLL search path order. Loading our own DLL into the AVP process enables us to bypass Kaspersky's protections," the document reads, adding that "this vulnerability is limited to some of Kaspersky's previous releases."

    The other document presents a screenshot of a "selected number of DLL misses from Kaspersky TDSS Killer Portable."

    Commenting on the issue, Kaspersky Lab spokesperson Olga Bogolyubskaya told Sputnik that the aforementioned DLL "heapgrd" vulnerability had been disclosed and fixed back in 2009.

    "Moreover, all new company products are subject to mandatory testing for this and other vulnerabilities before release," she stressed.

    "The products mentioned by WikiLeaks (KIS 7, KIS 8, WKSTNMP3) are obsolete versions of Kaspersky Lab's security software; [the company] has not provided technical support for these products for several years," Bogolyubskaya explained.

    Indeed, the CIA report published by WikiLeaks admits that Kaspersky Lab's more recent software products KIS 9+ and WKSTN MP4 do not have this vulnerability.

    "As for the DLL inject vulnerability in the TDSSKiller utility, also mentioned in the WikiLeaks report, it was closed in December 2015," she said.

    "Kaspersky Lab emphasizes that the documents published by WikiLeaks do not indicate that the given vulnerabilities were applied in practice against the solutions of Kaspersky Lab or other manufacturers of security software, but [they] describe the software analysis by using a 'reverse engineering' method," Bogolyubskaya elaborated.

    Earlier Kaspersky Lab said in an official statement that it is currently studying the latest reports released by WikiLeaks.

    "Kaspersky Lab is thoroughly studying the report published on WikiLeaks on March 7, 2017 in order to make sure that our clients are out of danger. The company pays special attention to such reports and statements," the statement said, highlighting that the cybersecurity of Kaspersky Lab's clients is the company's top priority.

    For its part, American cybersecurity provider Comodo Group, Inc., also mentioned in leaked CIA reports, said that the vulnerability in Comodo 6 antivirus, described by the CIA, was obsolete.

    Likewise, Apple Inc. called attention to the fact "many of the issues leaked today were already patched in the latest iOS."

    "While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities. We always urge customers to download the latest iOS to make sure they have the most recent security updates," an Apple spokesperson said as quoted by Techcrunch.com.

    While the world's leading software and hardware developers rushed to announce that they have either patched or are analyzing the vulnerabilities highlighted by WikiLeaks' CIA exposure, Google Inc. was the last one to dispel the mounting doubts.

    "As we've reviewed the documents, we're confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities. Our analysis is ongoing and we will implement any further necessary protections. We've always made security a top priority and we continue to invest in our defenses," Heather Adkins, Google's Director of Information Security and Privacy, told Recode.net.

    Does it mean that computer users across the globe may now breathe a huge sigh of relief?

    Unlikely. The truth of the matter is the disclosure covers the period between 2013 and 2016 and apparently presents just the tip of the iceberg.

    "The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers," WikiLeaks press release says.

    "In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA's hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons," WikiLeaks highlights.

    Topic:
    'Vault 7': WikiLeaks Exposes CIA's Global Covert Hacking Program in Largest Ever Leak (43)

    Related:

    Russia Takes Into Account WikiLeaks Report of CIA Attempts to Wiretap Putin
    CIA: WikiLeaks-Type Disclosures Jeopardize US Personnel, Empower Adversaries
    Manual: How to Tell if The CIA Spies On Your Smart-TV
    NSA's Mass Spying Revelations Much More Serious Than CIA Leaks – Security Expert
    FBI, CIA Investigating WikiLeaks Publication of Hacking Documents
    Samsung Studying Reports About CIA Usage of Smart TVs for Surveillance
    Germany Taking WikiLeaks Information on CIA Surveillance 'Very Seriously'
    Tags:
    Silicon Valley, malware, software, intelligence, virus, hacking, hackers, surveillance, WikiLeaks, Central Intelligence Agency (CIA), Kaspersky Lab, Google Inc, Apple, United States, Russia
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik
    • Сomment