Monday, March 20, 2017

More WikiLeaks-CIA News: Spying on the French Election, Taking Control of Your Smartphone


As you watch the Matrix, the Matrix watches you. Image © Kacper Pempel / Reuters (source)

by Gaius Publius

I want to offer three pieces of CIA news, all thanks to WikiLeaks, either directly or indirectly. Two of them expand on our earlier report ("Explosive WikiLeaks Release Exposes Massive, Aggressive CIA Cyber Spying, Hacking Capability"), while one is likely entirely new to you: it does have to do with spying on European elections, but it doesn't have to do with Russia.

Let's start with the release of information about the most recent French election, the one in 2012.

CIA Espionage Orders for the 2012 French Election

WikiLeaks released this document in preparation for its release of the CIA "Vault 7" treasure trove. The underlying seven-page document details the information the CIA ordered its assets — including, one has to assume, its cyber-assets — to gather.

From the WikiLeaks press release (my emphasis):
CIA espionage orders for the last French presidential election

All major French political parties were targeted for infiltration by the CIA's human ("HUMINT") and electronic ("SIGINT") spies in the seven months leading up to France's 2012 presidential election. The revelations are contained within three CIA tasking orders published today by WikiLeaks as context for its forthcoming CIA Vault 7 series. Named specifically as targets are the French Socialist Party (PS), the National Front (FN) and Union for a Popular Movement (UMP) together with current President Francois Hollande, then President Nicolas Sarkozy, current round one presidential front runner Marine Le Pen, and former presidential candidates Martine Aubry and Dominique Strauss-Kahn. [...]
About Sarkozy, they write, "Sarkozy's earlier self-identification as 'Sarkozy the American' did not protect him from US espionage in the 2012 election or during his presidency."

For what purpose was this information gathered? WikiLeaks has two comments on that. First:
Significantly, two CIA opposition espionage tasks, "What policies do they promote to help boost France's economic growth prospects?" and "What are their opinions on the German model of export-led growth?" resonate with a U.S. economic espionage order from the same year. That order requires obtaining details of every prospective French export contract or deal valued at $200m or more.
Information gathered via "economic espionage" has quite a few "customers", many of whom are in the so-called private sector. Airbus, for example, is a multinational aviation company based near Toulouse. Many of its export contracts surely surpass the "more than $200 million" bar. One of that company's chief competitors is Boeing, ostensibly a U.S. company. Is the CIA spying for people like the executives at Boeing? I'd call that likely.

Later in the press release, WikiLeaks offers a second motivation for spying on the French election:
The orders state that the collected information is to "support" the activities of the CIA, the Defence Intelligence Agency (DIA)'s E.U section, and the U.S. State Department's Intelligence and Research Branch.
What "activities" are they supporting? Do those activities include attempting to influence the electoral outcome so that policies favorable to the U.S. and U.S. companies are rendered more likely? Asked another way, is it only the Russians who put their thumbs on European electoral scales? As the original Mayor Daley used to put it, "Youth wants to know."

Finally, so far the Vault 7 WikiLeaks material details CIA intent and capabilities from 2013 to 2016. To what extent is the CIA involved in the current round of European elections? Is the U.S. purpose information gathering only?

Taking Full Control of Your Android or Apple Phone

Now for more from the Vault 7 release. This comes from Jenna McLaughlin at The Intercept (again my emphasis):
CIA Has an “Impressive List” of Ways to Hack Into Your Smartphone, WikiLeaks Files Indicate

A concerted effort by the CIA produced a library of software attacks to crack into Android smartphones and Apple iPhones, including some that could take full control of the devices, according to documents in a trove of files released by WikiLeaks Tuesday.

The attacks allow for varying levels of access — many powerful enough to allow the attacker to remotely take over the “kernel,” the heart of the operating system that controls the operation of the phone, or at least to have so-called “root” access, meaning extensive control over files and software processes on a device. These types of techniques would give access to information like geolocation, communications, contacts, and more. They would most likely be useful for targeted hacking, rather than mass surveillance. Indeed, one document describes a process by which a specific unit within the CIA “develops software exploits and implants for high priority target cellphones for intelligence collection.”

The WikiLeaks documents also include detailed charts concerning specific attacks the CIA can apparently perform on different types of cellphones and operating systems, including recent versions of iOS and Android — in addition to attacks the CIA has borrowed from other, public sources of malware. Some of the exploits, in addition to those purportedly developed by the CIA, were discovered and released by cybersecurity companies, hacker groups, and independent researchers, and purchased, downloaded, or otherwise acquired by the CIA, in some cases through other members of the intelligence community, including the FBI, NSA, and the NSA’s British counterpart GCHQ, the documents indicate.

One borrowed attack, Shamoon, is a notorious computer virus capable of stealing data and then completely destroying hardware. Persistence, a tool found by the CIA, allows the agency control over the device whenever it boots up again. Another acquired attack, SwampMonkey, allows CIA to get root privileges on undisclosed Android devices.
It's not just the CIA — the FBI has developed smartphone hacking capabilities:
In addition to the CIA’s efforts, an FBI hacking division, the Remote Operations Unit, has also been working to discover exploits in iPhones, one of the WikiLeaks documents, the iOS hacking chart, indicates.
And note this:
Last February, while investigating the perpetrator of a mass shooting in San Bernardino, the FBI argued in court that Apple was obligated to give the FBI access to its phones by producing a weakened version of the device’s operating system. If the WikiLeaks documents are authentic, it would appear FBI and other elements of the intelligence community are already deeply involved in discovering their own way into iPhones. The compromise of the documents also calls into question government assurances in the San Bernardino case that any exploit developed by Apple to allow the FBI access to the killer’s phone would never be exposed to criminals or nation states.
I strongly suggest reading the hacking chart, linked here and above.

CIA Hides Device Vulnerabilities; Some Companies Appear Not to Mind

Our last news piece involves this: What has been the response of high tech companies to the information contained in the WikiLeaks material — in particular, the information about vulnerabilities in their own products? WikiLeaks contacted all of the companies involved. Some were more appreciative than others to learn what WikiLeaks has discovered.

Julian Assange provides an update to the first Vault 7 material in a tweet. It reads in part:
Update on CIA Vault7 "zero day" software vulnerabilities

Organizations such as Mozilla have exchanged letters with WikiLeaks and have been informed by WikiLeaks of some vulnerabilities. Google and some other companies have yet to respond other than to confirm receipt of our initial approach. They have not agreed, disagreed or questioned our industry standard responsible disclosure plan. Most of these lagging companies have conflicts of interest due to their classified work for U.S. government agencies.
Assange also adds this:
Should such companies choose not to secure their users against CIA or NSA attacks, users may prefer organizations such as Mozilla or European companies that prioritize their users over government contracts. Should these companies continue to drag their feet, we will create a league table comparing company responsiveness and government entanglements so users can decide for themselves. We will have more to say about this issue next week. –Julian Assange
The Obama administration made a commitment, as The Intercept points out, "to disclose serious software vulnerabilities to vendors to improve the security of their products. The administration developed a system called the Vulnerabilities Equities Process to allow various government entities to help determine when it’s better for national security to disclose unpatched vulnerabilities and when it’s better to take advantage of them to hunt targets." This promise, whatever it was worth, has been abrogated and nullified.

Remember, it may not be in the "national interest" at all to allow exploitable vulnerabilities in all of the nation's smartphones. Consider the damage that can be done by foreign governments and international criminal types, as they exploit the same vulnerabilities the CIA and FBI also exploit. Is that "keeping us safe?" Hardly.

Keeping its citizens weak and vulnerable to exploitation weakens the nation against all its enemies. So why do agencies like the CIA, the FBI, and certainly the NSA as well, do this? For the benefit of those individual agencies only, as they struggle for primacy and place in what I call "spook world." Our weakness is an important part of sustaining their strength.

Needless to say, we've long left the Founders' U.S.A., and this definitely isn't Kansas in any sense. Nicole Sander and I discussed that point, our entry into spook world, in this interview, including what might be motivating WikiLeaks. The discussion itself starts at the 16:13 mark. Enjoy.

Scheduling note: My comments here appear on Monday and Thursday.

