WikiLeaks faces U.S. probes into its 2016 election role and CIA leaks: sources

WikiLeaks faces U.S. probes into its 2016 election role and CIA leaks: sources

By Mark Hosenball

WASHINGTON (Reuters) – WikiLeaks and its founder, Julian Assange, are facing multiple investigations by U.S. authorities, including three congressional probes and a federal criminal inquiry, sources familiar with the investigations said.

The Senate and House of Representatives intelligence committees and leaders of the Senate Judiciary Committee are probing the website’s role in the 2016 U.S. presidential election campaign, according to the sources, who all requested anonymity, and public documents.

WikiLeaks published emails hacked from the Democratic Party and the personal email account of John Podesta, Hillary Clinton’s 2016 presidential campaign chairman.

In a report issued in January, the CIA, the National Security Agency, and the Federal Bureau of Investigation said Russian intelligence did the hacking, and the GRU, Russia’s military intelligence agency, sent hacked data to WikiLeaks via intermediaries.

The Senate Intelligence Committee is investigating who gave WikiLeaks the hacked Democratic National Committee data that WikiLeaks published in July 2016, which included more than 44,000 emails and 17,000 attachments, the sources said. So far, its inquiries are still at an early stage, the sources said.

Senate Judiciary Committee leaders have asked Jared Kushner, Trump’s son-in-law, for emails related to WikiLeaks.

The House Intelligence Committee has questioned Roger Stone, a longtime friend of President Donald Trump and a veteran political operative who promoted WikiLeaks’ disclosures of the emails on Twitter.

After initially refusing to identify an intermediary he dealt with who was in contact with Assange, Stone later told the committee it was Randy Credico, a left-wing comedian.

The committee sent Credico a letter asking him to appear voluntarily. When he declined to do so, the panel sent him a subpoena requiring him to give a deposition.

Credico’s lawyer, Martin Stoller, said on Wednesday that Credico was considering whether to invoke his First and Fifth Amendment rights under the U.S. Constitution to avoid answering questions.

It is unclear whether Credico could help investigators uncover where WikiLeaks got the hacked Democratic emails.

In emails to Reuters, Stone has dismissed the intelligence agencies’ conclusion about Russian hacking.

It is not known whether Robert Mueller, the Justice Department special counsel investigating possible Russian interference in the 2016 presidential election, is investigating WikiLeaks.

A U.S. lawyer for Assange, Barry Pollack, said Mueller’s team had not contacted him.

Meanwhile, federal prosecutors in Alexandria, Virginia, are conducting a criminal investigation into how WikiLeaks obtained thousands of classified U.S. government documents, including CIA materials and most recently ultra-secret technical materials describing American spy agency hacking tools. Law enforcement sources and Pollack said the probe began several years ago.

Assange has lived in the Ecuadorean Embassy in London for several years after taking refuge there when Swedish authorities sought his extradition in a sexual molestation case.

(This story has been refiled to fix spelling of “WikiLeaks” in headline)

(Reporting By Mark Hosenball; Editing by John Walcott and Jonathan Oatis)

CIA chief calls WikiLeaks a ‘hostile intelligence service’

Central Intelligence Agency Director Mike Pompeo speaks at The Center for Strategic and International Studies in Washington, U.S. April 13, 2017. REUTERS/Eric Thayer

By Warren Strobel and Mark Hosenball

WASHINGTON (Reuters) – CIA Director Mike Pompeo on Thursday called WikiLeaks a “hostile intelligence service,” using his first public speech as spy agency chief to denounce leakers who have plagued U.S. intelligence.

Pompeo, in an address at the Center for Strategic and International Studies think tank, called WikiLeaks founder Julian Assange “a fraud” and “a coward.”

“It is time to call out WikiLeaks for what it really is, a non-state hostile intelligence service often abetted by state actors like Russia,” Pompeo said.

He said Russia’s GRU military intelligence service used Wikileaks to distribute material hacked from Democratic National Committee computers during the 2016 U.S. presidential election.

U.S. intelligence agencies have concluded that Russia stole the emails and took other actions to tilt the election in favor of eventual winner Donald Trump, a Republican, against Democratic candidate Hillary Clinton.

Pompeo and President Donald Trump, who chose him to head the CIA, have not always been so critical of WikiLeaks. During a campaign rally last October, Trump praised the group for releasing hacked emails from the DNC by saying, “I love WikiLeaks.”

In July, Pompeo, than a Republican member of the House of Representatives, mentioned it in a Twitter post referring to claims that the DNC had slanted the candidate-selection process to favor Clinton. “Need further proof that the fix was in from Pres. Obama on down? BUSTED: 19,252 Emails from DNC Leaked by Wikileaks.”

WikiLeaks has published secret documents from the U.S. government and others and says its mission is to fight government secrecy and promote transparency. Pompeo said it has “encouraged its followers to find jobs at CIA in order to obtain intelligence.”

Assange has been holed up in the Ecuadorean Embassy in London since 2012, after taking refuge there to avoid extradition to Sweden over allegations of rape, which he denies.

Two of Assange’s lawyers and a Wikileaks spokesman did not immediately respond to requests for comment on Pompeo’s remarks.

Pompeo’s speech on Thursday follows a series of damaging leaks of highly sensitive CIA and National Security Agency material.

In March, WikiLeaks published thousands of pages of internal CIA discussions that revealed hacking techniques the agency had used against iPhones, Android devices and other targets.

Pompeo also had harsh words for Edward Snowden, the former National Security Administration contractor who downloaded thousands of documents revealing some of the electronic eavesdropping agency’s most sensitive programs and shared them with journalists.

“More than a thousand foreign targets, people, groups, organizations, more than a thousand of them changed or tried to change how they communicated as a result of the Snowden disclosures,” Pompeo said. “That number is staggering.”

U.S. intelligence agencies have struggled to deal with “insider threats” – their own employees or contractors who steal classified materials and, in some cases, publicize them.

In response to a question, Pompeo disputed Russia’s account of a chemical weapons attack in Syria that prompted retaliatory cruise missile strikes by Trump last week.

Moscow has said that Syrian rebels, rather than the Syrian government, were responsible.

“None of the (accounts) have an ounce of truth in them,” Pompeo said, calling Russian President Vladimir Putin “a man for whom veracity doesn’t translate into English.”

(Additional reporting by Eric Walsh; Editing by Eric Beech and Bill Trott)

Symantec attributes 40 cyber attacks to CIA-linked hacking tools

An analyst looks at code in the malware lab of a cyber security defense lab at the Idaho National Laboratory in Idaho Falls, Idaho

By Joseph Menn

SAN FRANCISCO (Reuters) – Past cyber attacks on scores of organizations around the world were conducted with top-secret hacking tools that were exposed recently by the Web publisher Wikileaks, the security researcher Symantec Corp said on Monday.

That means the attacks were likely conducted by the U.S. Central Intelligence Agency. The files posted by WikiLeaks appear to show internal CIA discussions of various tools for hacking into phones, computers and other electronic gear, along with programming code for some of them, and multiple people familiar with the matter have told Reuters that the documents came from the CIA or its contractors.

Symantec said it had connected at least 40 attacks in 16 countries to the tools obtained by WikiLeaks, though it followed company policy by not formally blaming the CIA.

The CIA has not confirmed the Wikileaks documents are genuine. But agency spokeswoman Heather Fritz Horniak said that any WikiLeaks disclosures aimed at damaging the intelligence community “not only jeopardize U.S. personnel and operations, but also equip our adversaries with tools and information to do us harm.

“It is important to note that CIA is legally prohibited from conducting electronic surveillance targeting individuals here at home, including our fellow Americans, and CIA does not do so,” Horniak said.

She declined to comment on the specifics of Symantec’s research.

The CIA tools described by Wikileaks do not involve mass surveillance, and all of the targets were government entities or had legitimate national security value for other reasons, Symantec researcher Eric Chien said ahead of Monday’s publication.

In part because some of the targets are U.S. allies in Europe, “there are organizations in there that people would be surprised were targets,” Chien said.

Symantec said sectors targeted by operations employing the tools included financial, telecommunications, energy, aerospace, information technology, education, and natural resources.

Besides Europe, countries were hit in the Middle East, Asia, and Africa. One computer was infected in the United States in what was likely an accident – the infection was removed within hours. All the programs were used to open back doors, collect and remove copies of files, rather than to destroy anything.

The eavesdropping tools were created at least as far back as 2011 and possibly as long ago as 2007, Chien said. He said the WikiLeaks documents are so complete that they likely encompass the CIA’s entire hacking toolkit, including many taking advantage of previously unknown flaws.

The CIA is best-known for its human intelligence sources and analysis, not vast electronic operations. For that reason, being forced to build new tools is a setback but not a catastrophe.

It could lead to awkward conversations, however, as more allies realize the Americans were spying and confront them.

Separately, a group calling itself the Shadow Brokers on Saturday released another batch of pilfered National Security Agency hacking tools, along with a blog post criticizing President Donald Trump for attacking Syria and moving away from his conservative political base.

It is unclear who is behind the Shadow Brokers or how the group obtained the files.

(Additional reporting by Jonathan Weber and Anna Driver; Editing by Matthew Lewis and Mary Milliken)

A scramble at Cisco exposes uncomfortable truths about U.S. cyber defense

The logo of Cisco is seen at Mobile World Congress in Barcelona, Spain, February 27, 2017. REUTERS/Eric Gaillard

By Joseph Menn

SAN FRANCISCO (Reuters) – When WikiLeaks founder Julian Assange disclosed earlier this month that his anti-secrecy group had obtained CIA tools for hacking into technology products made by U.S. companies, security engineers at Cisco Systems <CSCO.O> swung into action.

The Wikileaks documents described how the Central Intelligence Agency had learned more than a year ago how to exploit flaws in Cisco’s widely used Internet switches, which direct electronic traffic, to enable eavesdropping.

Senior Cisco managers immediately reassigned staff from other projects to figure out how the CIA hacking tricks worked, so they could help customers patch their systems and prevent criminal hackers or spies from using the same methods, three employees told Reuters on condition of anonymity.

The Cisco engineers worked around the clock for days to analyze the means of attack, create fixes, and craft a stopgap warning about a security risk affecting more than 300 different products, said the employees, who had direct knowledge of the effort.

That a major U.S. company had to rely on WikiLeaks to learn about security problems well-known to U.S. intelligence agencies underscores concerns expressed by dozens of current and former U.S. intelligence and security officials about the government’s approach to cybersecurity.

That policy overwhelmingly emphasizes offensive cyber-security capabilities over defensive measures, these people told Reuters, even as an increasing number of U.S. organizations have been hit by hacks attributed to foreign governments.

Larry Pfeiffer, a former senior director of the White House Situation Room in the Obama administration, said now that others were catching up to the United States in their cyber capabilities, “maybe it is time to take a pause and fully consider the ramifications of what we’re doing.”

U.S. intelligence agencies blamed Russia for the hack of the Democratic National Committee during the 2016 election. Nation-states are also believed to be behind the 2014 hack of Sony Pictures Entertainment and the 2015 breach of the U.S. Government’s Office of Personnel Management.

CIA spokeswoman Heather Fritz Horniak declined to comment on the Cisco case, but said it was the agency’s “job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad.”

The Office of the Director of National Intelligence, which oversees the CIA and NSA, referred questions to the White House, which declined to comment.

Across the federal government, about 90 percent of all spending on cyber programs is dedicated to offensive efforts, including penetrating the computer systems of adversaries, listening to communications and developing the means to disable or degrade infrastructure, senior intelligence officials told Reuters.

President Donald Trump’s budget proposal would put about $1.5 billion into cyber-security defense at the Department of Homeland Security (DHS). Private industry and the military also spend money to protect themselves.

But the secret part of the U.S. intelligence budget alone totaled about $50 billion annually as of 2013, documents leaked by NSA contractor Edward Snowden show. Just 8 percent of that figure went toward “enhanced cyber security,” while 72 percent was dedicated to collecting strategic intelligence and fighting violent extremism.

Departing NSA Deputy Director Rick Ledgett confirmed in an interview that 90 percent of government cyber spending was on offensive efforts and agreed it was lopsided.

“It’s actually something we’re trying to address” with more appropriations in the military budget, Ledgett said. “As the cyber threat rises, the need for more and better cyber defense and information assurance is increasing as well.”

The long-standing emphasis on offense stems in part from the mission of the NSA, which has the most advanced cyber capabilities of any U.S. agency.

It is responsible for the collection of intelligence overseas and also for helping defend government systems. It mainly aids U.S. companies indirectly, by assisting other agencies.

“I absolutely think we should be placing significantly more effort on the defense, particularly in light of where we are with exponential growth in threats and capabilities and intentions,” said Debora Plunkett, who headed the NSA’s defensive mission from 2010 to 2014.

GOVERNMENT ROLE

How big a role the government should play in defending the private sector remains a matter of debate.

Former military and intelligence leaders such as ex-NSA Director Keith Alexander and former Secretary of Defense Ashton Carter say that U.S. companies and other institutions cannot be solely responsible for defending themselves against the likes of Russia, China, North Korea and Iran.

For tech companies, the government’s approach is frustrating, executives and engineers say.

Sophisticated hacking campaigns typically rely on flaws in computer products. When the NSA or CIA find such flaws, under current policies they often choose to keep them for offensive attacks, rather than tell the companies.

In the case of Cisco, the company said the CIA did not inform the company after the agency learned late last year that information about the hacking tools had been leaked.

“Cisco remains steadfast in the position that we should be notified of all vulnerabilities if they are found, so we can fix them and notify customers,” said company spokeswoman Yvonne Malmgren.

SIDE BY SIDE

A recent reorganization at the NSA, known as NSA21, eliminated the branch that was explicitly responsible for defense, the Information Assurance Directorate (IAD), the largest cyber-defense workforce in the government. Its mission has now been combined with the dominant force in the agency, signals intelligence, in a broad operations division.

Top NSA officials, including director Mike Rogers, argue that it is better to have offensive and defensive specialists working side by side. Other NSA and White House veterans contend that perfect defense is impossible and therefore more resources should be poured into penetrating enemy networks – both to head off attacks and to determine their origin.

Curtis Dukes, the last head of IAD, said in an interview after retiring last month that he feared defense would get even less attention in a structure where it does not have a leader with a direct line to the NSA director.

“It’s incumbent on the NSA to say, ‘This is an important mission’,” Dukes said. “That has not occurred.”

(Reporting by Joseph Menn in San Francisco. Additional reporting by Warren Strobel in Washington.; Editing by Jonathan Weber and Ross Colvin)

WikiLeaks offers CIA hacking tools to tech companies: Assange

WikiLeaks founder Julian Assange makes a speech from the balcony of the Ecuadorian Embassy, in central London, Britain February 5, 2016. REUTERS/Peter Nicholls/Files

By Dustin Volz and Eric Auchard

WASHINGTON/FRANKFURT (Reuters) – WikiLeaks will provide technology companies with exclusive access to CIA hacking tools that it possesses, to allow them to patch software flaws, founder Julian Assange said on Thursday.

The offer, if legitimate, could put Silicon Valley in the unusual position of deciding whether to cooperate with Assange, a man believed by some U.S. officials and lawmakers to be an untrustworthy pawn of Russian President Vladimir Putin, or a secretive U.S. spy agency.

It was not clear how WikiLeaks intended to cooperate with technology companies, or if they would accept his offer. The anti-secrecy group published documents on Tuesday describing secret Central Intelligence Agency hacking tools and snippets of computer code. It did not publish the full programs that would be needed to actually conduct cyber exploits against phones, computers and Internet-connected televisions.

Representatives of Alphabet Inc’s Google Apple Inc, Microsoft Corp <MSFT.O> and Cisco Systems Inc <CSCO.O>, all of whose wares are subject to attacks described in the documents, did not immediately respond to requests for comment before regular business hours on the U.S. West Coast.

“Considering what we think is the best way to proceed and hearing these calls from some of the manufacturers, we have decided to work with them to give them some exclusive access to the additional technical details that we have so that the fixes can be developed and pushed out, so people can be secure,” Assange said during a press conference broadcast via Facebook Live.

Responding to Assange’s comments, CIA spokesman Jonathan Liu, said in a statement, “As we’ve said previously, Julian Assange is not exactly a bastion of truth and integrity.”

“Despite the efforts of Assange and his ilk, CIA continues to aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states and other adversaries.”

The disclosures alarmed the technology world and among consumers concerned about the potential privacy implications of the cyber espionage tactics that were described.

One file described a program known as Weeping Angel that purportedly could take over a Samsung smart television, making it appear it was off when in fact it was recording conversations in the room.

Other documents described ways to hack into Apple Inc <AAPL.O> iPhones, devices running Google’s <GOOGL.O> Android software and other gadgets in a way that could observe communications before they are protected by end-to-end encryption offered by messaging apps like Signal or WhatsApp.

Several companies have already said they are confident that their recent security updates have already accounted for the purported flaws described in the CIA documents. Apple said in a statement on Tuesday that “many of the issues” leaked had already been patched in the latest version of its operating system.

WikiLeaks’ publication of the documents reignited a debate about whether U.S. intelligence agencies should hoard serious cyber security vulnerabilities rather than share them with the public. An interagency process created under former President Barack Obama called for erring on the side of disclosure.

President Donald Trump believed changes were needed to safeguard secrets at the CIA, White House spokesman Sean Spicer told a news briefing on Thursday. “He believes that the systems at the CIA are outdated and need to be updated.”

Two U.S. intelligence and law enforcement officials told Reuters on Wednesday that intelligence agencies have been aware since the end of last year of a breach at the CIA, which led to WikiLeaks releasing thousands of pages of information on its website.

The officials, speaking on condition of anonymity, said contractors likely breached security and handed over the documents to WikiLeaks. The CIA has declined to comment on the authenticity of the documents leaked, but the officials said they believed the pages about hacking techniques used between 2013 and 2016 were authentic.

Contractors have been revealed as the source of sensitive government information leaks in recent years, most notably Edward Snowden and Harold Thomas Martin, both employed by consulting firm Booz Allen Hamilton <BAH.N> while working for the National Security Agency.

Assange said he possessed “a lot more information” about the CIA’s cyber arsenal that would be released soon. He criticized the CIA for “devastating incompetence” for not being able to control access to such sensitive material.

Nigel Farage, the former leader of the populist UK Independence Party, visited Assange at the Ecuadorean embassy in London earlier on Thursday. A representative for Farage said he was unaware what was discussed.

Assange has been holed up since 2012 at the embassy, where he fled to avoid extradition to Sweden over allegations of rape, which he denies.

(Reporting by Dustin Volz; Additional reporting by Eric Auchard in Frankfurt, Joseph Menn in San Francisco and Guy Falconbridge in London; Editing by Frances Kerry and Grant McCool)

CIA contractors likely source of latest WikiLeaks release: U.S. officials

The lobby of the CIA Headquarters Building in Langley, Virginia, U.S. on August 14, 2008. REUTERS/Larry Downing/File Photo

By John Walcott and Mark Hosenball

WASHINGTON (Reuters) – Contractors likely breached security and handed over documents describing the Central Intelligence Agency’s use of hacking tools to anti-secrecy group WikiLeaks, U.S. intelligence and law enforcement officials told Reuters on Wednesday.

Two officials speaking on condition of anonymity said intelligence agencies have been aware since the end of last year of the breach, which led to WikiLeaks releasing thousands of pages of information on its website on Tuesday.

According to the documents, CIA hackers could get into Apple Inc <AAPL.O> iPhones, devices running Google’s Android software and other gadgets in order to capture text and voice messages before they were encrypted with sophisticated software.

The White House said on Wednesday that President Donald Trump was “extremely concerned” about the CIA security breach that led to the WikiLeaks release.

“Anybody who leaks classified information will be held to the highest degree of law,” spokesman Sean Spicer said.

The two officials told Reuters they believed the published documents about CIA hacking techniques used between 2013 and 2016 were authentic.

One of the officials with knowledge of the investigation said companies that are contractors for the CIA have been checking to see which of their employees had access to the material that WikiLeaks published, and then going over their computer logs, emails and other communications for any evidence of who might be responsible.

On Tuesday in a press release, WikiLeaks itself said the CIA had “lost control” of an archive of hacking methods and it appeared to have been circulated “among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”

The CIA, which is the United States’ civilian foreign intelligence service, declined to comment on the authenticity of purported intelligence documents.

The agency said in a statement that its mission was to collect foreign intelligence abroad “to protect America from terrorists, hostile nation states and other adversaries” and to be “innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad.”

The CIA is legally prohibited from surveillance inside the United States and “does not do so”, the statement added.

CONTRACTORS MUST BE ‘LOYAL TO AMERICA’

A U.S. government source familiar with the matter said it would be normal for the Federal Bureau of Investigation and the CIA both to open investigations into such leaks. U.S. officials previously have confirmed that prosecutors in Alexandria, Virginia for years have been conducting a federal grand jury investigation of WikiLeaks and its personnel.

A spokesman for the prosecutors declined to comment on the possibility of that probe being expanded. It is not clear if the investigation of the latest CIA leaks is part of the probe.

Contractors have been revealed as the source of sensitive government information leaks in recent years, most notably Edward Snowden and Harold Thomas Martin, both employed by consulting firm Booz Allen Hamilton <BAH.N> while working for the National Security Agency.

U.S. Senator Dianne Feinstein of California and a Democrat on the intelligence committee, said the government needed to stop the breaches.

“I think we really need to take a look at the contractor portion of the employee workforce, because you have to be loyal to America to work for an intelligence agency, otherwise don’t do it,” Feinstein said.

Both U.S. Senate and U.S. House of Representatives intelligence committees have either opened or are expected to open inquiries into the CIA breach, congressional officials said.

Some cyber security experts and technology companies have criticized the government for opting to exploit rather than disclose software vulnerabilities, though an interagency review process set up under former President Barack Obama was intended to err on the side of disclosure.

Those concerns would grow if U.S. authorities did not notify companies that CIA documents describing various hacking techniques had been compromised.

Apple, Alphabet Inc’s <GOOGL.O> Google, Cisco Systems Inc <CSCO.O> and Oracle Corp <ORCL.N> did not immediately respond when asked if they were notified of a CIA breach before WikiLeaks made its files public.

At Apple, none of the vulnerabilities described in the documents provoked a panic, though analysis was continuing, according to a person who spoke with engineers there.

Google’s director of information security and privacy, Heather Adkins, said in a statement: “As we’ve reviewed the documents, we’re confident that security updates and protections in both Chrome and Android (operating systems) already shield users from many of these alleged vulnerabilities. Our analysis is ongoing and we will implement any further necessary protections.”

LARGER NUMBER OF CONTRACTORS

One reason the investigation is focused on a potential leak by contractors rather than for example a hack by Russian intelligence, another official said, is that so far there is no evidence that Russian intelligence agencies tried to exploit any of the leaked material before it was published.

One European official, speaking on condition of anonymity, said the WikiLeaks material could in fact lead to closer cooperation between European intelligence agencies and U.S. counterparts, which share concerns about Russian intelligence operations.

U.S. intelligence agencies have accused Russia of seeking to tilt last year’s U.S. presidential election in Trump’s favor, including by hacking into Democratic Party emails. Moscow has denied the allegation.

One major security problem was that the number of contractors with access to information with the highest secrecy classification has “exploded” because of federal budget constraints, the first U.S. official said.

U.S. intelligence agencies have been unable to hire additional permanent staff needed to keep pace with technological advances such as the “internet of things” that connects cars, home security and heating systems and other devices to computer networks, or to pay salaries competitive with the private sector, the official said.

Reuters could not immediately verify the contents of the published documents.

A person familiar with WikiLeaks’ activities said the group has had the CIA hacking material for months, and that the release of the material was in the works “for a long time.”

In Germany on Wednesday, the chief federal prosecutor’s office said that it would review the WikiLeaks documents because some suggested that the CIA ran a hacking hub from the U.S. consulate in Frankfurt.

“We will initiate an investigation if we see evidence of concrete criminal acts or specific perpetrators,” a spokesman for the federal prosecutor’s office told Reuters.

Chancellor Angela Merkel is scheduled to visit Washington on March 14 for her first meeting with Trump, who has sharply criticized Berlin for everything from its trade policy to what he considers inadequate levels of military spending.

(Reporting by John Walcott, Mark Hosenball, Dustin Volz, Yara Bayoumy in Washington and Matthias Sobolewski and Andrea Shalal in Berlin; Additional reporting by Joseph Menn in San Francisco; Writing by Grant McCool; Editing by Peter Graff and Bill Rigby)

WikiLeaks says it releases files on CIA cyber spying tools

FILE PHOTO: People are silhouetted as they pose with laptops in front of a screen projected with binary code and a Central Inteligence Agency (CIA) emblem, in this picture illustration taken in Zenica, Bosnia and Herzegovina October 29, 2014. REUTERS/Dado Ruvic/File Photo/Illustration

By Dustin Volz and Warren Strobel

WASHINGTON (Reuters) – Anti-secrecy group WikiLeaks on Tuesday published what it said were thousands of pages of internal CIA discussions about hacking techniques used over several years, renewing concerns about the security of consumer electronics and embarrassing yet another U.S. intelligence agency.

The discussion transcripts showed that CIA hackers could get into Apple Inc iPhones, Google Inc Android devices and other gadgets in order to capture text and voice messages before they were encrypted with sophisticated software.

Cyber security experts disagreed about the extent of the fallout from the data dump, but said a lot would depend on whether WikiLeaks followed through on a threat to publish the actual hacking tools that could do damage.

Reuters could not immediately verify the contents of the published documents, but several contractors and private cyber security experts said the materials, dated between 2013 and 2016, appeared to be legitimate.

A longtime intelligence contractor with expertise in U.S. hacking tools told Reuters the documents included correct “cover” terms describing active cyber programs.

Among the most noteworthy WikiLeaks claims is that the Central Intelligence Agency, in partnership with other U.S. and foreign agencies, has been able to bypass the encryption on popular messaging apps such as WhatsApp, Telegram and Signal.

The files did not indicate the actual encryption of Signal or other secure messaging apps had been compromised.

The information in what WikiLeaks said were 7,818 web pages with 943 attachments appears to represent the latest breach in recent years of classified material from U.S. intelligence agencies.

Security experts differed over how much the disclosures could damage U.S. cyber espionage. Many said that, while harmful, they do not compare to former National Security Agency contractor Edward Snowden’s revelations in 2013 of mass NSA data collection.

“This is a big dump about extremely sophisticated tools that can be used to target individual user devices … I haven’t yet come across the mass exploiting of mobile devices,” said Tarah Wheeler, senior director of engineering and principal security advocate for Symantec.

Stuart McClure, CEO of Cylance, an Irvine, California, cyber security firm, said that one of the most significant disclosures shows how CIA hackers cover their tracks by leaving electronic trails suggesting they are from Russia, China and Iran rather than the United States.

Other revelations show how the CIA took advantage of vulnerabilities that are known, if not widely publicized.

In one case, the documents say, U.S. and British personnel, under a program known as Weeping Angel, developed ways to take over a Samsung smart television, making it appear it was off when in fact it was recording conversations in the room.

The CIA and White House declined comment. “We do not comment on the authenticity or content of purported intelligence documents,” CIA spokesman Jonathan Liu said in a statement.

Google declined to comment on the purported hacking of its Android platform, but said it was investigating the matter.

Snowden on Twitter said the files amount to the first public evidence that the U.S. government secretly buys software to exploit technology, referring to a table published by WikiLeaks that appeared to list various Apple iOS flaws purchased by the CIA and other intelligence agencies.

Apple Inc did not respond to a request for comment.

The documents refer to means for accessing phones directly in order to catch messages before they are protected by end-to-end encryption tools like Signal.

Signal inventor Moxie Marlinspike said he took that as “confirmation that what we’re doing is working.” Signal and the like are “pushing intelligence agencies from a world of undetectable mass surveillance to a world where they have to use expensive, high-risk, extremely targeted attacks.”

CIA CYBER PROGRAMS

The CIA in recent years underwent a restructuring to focus more on cyber warfare to keep pace with the increasing digital sophistication of foreign adversaries. The spy agency is prohibited by law from collecting intelligence that details domestic activities of Americans and is generally restricted in how it may gather any U.S. data for counterintelligence purposes.

The documents published Tuesday appeared to supply specific details to what has been long-known in the abstract: U.S. intelligence agencies, like their allies and adversaries, are constantly working to discover and exploit flaws in any manner of technology products.

Unlike the Snowden leaks, which revealed the NSA was secretly collecting details of telephone calls by ordinary Americans, the new WikiLeaks material did not appear to contain material that would fundamentally change what is publicly known about cyber espionage.

WikiLeaks, led by Julian Assange, said its publication of the documents on the hacking tools was the first in a series of releases drawing from a data set that includes several hundred million lines of code and includes the CIA’s “entire hacking capacity.”

The documents only include snippets of computer code, not the full programs that would be needed to conduct cyber exploits.

WikiLeaks said it was refraining from disclosing usable code from CIA’s cyber arsenal “until a consensus emerges on the technical and political nature of the C.I.A.’s program and how such ‘weapons’ should be analyzed, disarmed and published.”

U.S. intelligence agencies have said that Wikileaks has ties to Russia’s security services. During the 2016 U.S. presidential campaign, Wikileaks published internal emails of top Democratic Party officials, which the agencies said were hacked by Moscow as part of a coordinated influence campaign to help Republican Donald Trump win the presidency.

WikiLeaks has denied ties to Russian spy agencies.

Trump praised WikiLeaks during the campaign, often citing hacked emails it published to bolster his attacks on Democratic Party candidate Hillary Clinton.

WikiLeaks said on Tuesday that the documents showed that the CIA hoarded serious security vulnerabilities rather than share them with the public, as called for under a process established by President Barack Obama.

Rob Knake, a former official who dealt with the issue under Obama, said he had not seen evidence in what was published to support that conclusion.

The process “is not a policy of unilateral disarmament in cyberspace. The mere fact that the CIA may have exploited zero-day [previously undisclosed] vulnerabilities should not surprise anyone,” said Knake, now at the Council on Foreign Relations.

U.S. officials, speaking on condition of anonymity, said they did not know where WikiLeaks might have obtained the material.

In a press release, the group said, “The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.”

U.S. intelligence agencies have suffered a series of security breaches, including Snowden’s.

In 2010, U.S. military intelligence analyst Chelsea Manning provided more than 700,000 documents, videos, diplomatic cables and battlefield accounts to Wikileaks.

Last month, former NSA contractor Harold Thomas Martin was indicted on charges of taking highly sensitive government materials over a course of 20 years, storing the secrets in his home.

(Reporting by Dustin Volz and Warren Strobel; additional reporting by Joseph Menn, Mark Hosenball, Jonathan Landay and Jim Finkle; Editing by Grant McCool)

WikiLeaks’ Assange signals release of documents before U.S. election

Julian Assange, Founder and Editor-in-Chief of WikiLeaks speaks via video link during a press conference on the occasion of the ten year anniversary celebration of WikiLeaks in Berlin, Germany,

By Andrea Shalal

BERLIN (Reuters) – WikiLeaks founder Julian Assange said on Tuesday the group would publish about one million documents related to the U.S. election and three governments in coming weeks, but denied the release was aimed at damaging Hillary Clinton.

Assange, speaking via a video link, said the documents would be released before the end of the year, starting with an initial batch in the coming week.

Assange, 45, who remains at the Ecuadoran embassy in London where he sought refuge in 2012 to avoid possible extradition to Sweden, said the election material was “significant” and would come out before the Nov. 8 U.S. presidential election.

He criticized Clinton, the Democratic presidential candidate, for demonizing his WikiLeaks group’s work after a spate of releases related to the Democratic National Committee before the Democratic political convention this summer.

Assange said her campaign had falsely suggested that accessing WikiLeaks data would expose users to malicious software.

But he denied the release of documents relating to the U.S. election was specifically aimed at damaging Clinton, saying he had been misquoted.

“The material that WikiLeaks is going to publish before the end of the year is of … a very significant moment in different directions, affecting three powerful organizations in three different states as well as … the U.S election process,” he said via a video link at an event marking the group’s 10th anniversary.

He said the material would focus on war, weapons, oil, mass surveillance, the technology giant Google and the U.S. election, but declined to give any details.

“There has been a misquoting of me and Wikileaks publications … (suggesting) we intend to harm Hillary Clinton or I intend to harm Hillary Clinton or that I don’t like Hillary Clinton. All those are false,” he said.

Assange had told Fox News in an interview conducted by satellite in August that the group would release significant information related to Clinton’s campaign.

Assange also signaled changes in the way WikiLeaks is organized and funded, saying the group would soon open itself to membership. He said the group was looking to expand its media ties beyond the 100 outlets it already works with.

He told journalists gathered at a Berlin theater that the group’s work would continue, even if he had to resign in the future, and he appealed to supporters to fund its work. He also held up copies of several forthcoming books.

Assange and his attorney said Britain’s vote to leave the European Union could complicate his situation by limiting his ability to appeal to the European Court of Justice or the Council of Europe, a European human rights body.

Asked how he felt after four years in the embassy, he said “pale” and joked he would be a good candidate for medical study since he was otherwise healthy but had not seen the sun in over four years.

Assange is wanted in Sweden for questioning about allegations that he committed rape in 2010. He denies the charges, and says he fears subsequent extradition to the United States, where a criminal investigation into the activities of WikiLeaks is underway.

In 2010, WikiLeaks released more than 90,000 secret documents on the U.S.-led military campaign in Afghanistan, followed by almost 400,000 U.S. military reports detailing operations in Iraq. Those disclosures were followed by the release of millions of diplomatic cables dating back to 1973.

(Reporting by Andrea Shalal; Editing by Madeline Chambers and Richard Balmforth)

Democratic Party says it was hacked again, blames Russians

nternet LAN cables are pictured in this photo illustration taken in Sydney June 23, 2011. Australia cleared a key hurdle on Thursday in setting up a $38 billion high-speed broadband system after phone operator Telstra agreed to rent out its network for the nation's biggest infrastructure project in decades.

WASHINGTON (Reuters) – The head of the Democratic National Committee said on Tuesday the organization had been hacked by Russian state-sponsored agents who were trying to influence the U.S. presidential election, after a similar leak in July roiled the party.

A link to the documents was posted on WikiLeaks’ Twitter account and attributed to alleged hacker Guccifer 2.0. The release came during a presentation on Tuesday from a person speaking on behalf of Guccifer 2.0 at a London cyber security conference, Politico reported.

Reuters could not immediately access the documents.

“There’s one person who stands to benefit from these criminal acts, and that’s (Republican presidential nominee) Donald Trump,” DNC interim Chair Donna Brazile said in a statement.

“Not only has Trump embraced (Russian President Vladimir)Putin, he publicly encouraged further Russian espionage to help his campaign,” she said.

Trump in July invited Russia to dig up emails from Clinton’s time as secretary of state, prompting Democrats to accuse him of urging foreigners to spy on Americans. He later said he was speaking sarcastically.

The Trump campaign did not immediately respond to a request for comment.

Debbie Wasserman Schultz resigned as DNC chair on the eve of July’s Democratic National Convention after WikiLeaks published an earlier trove of hacked DNC emails that showed party officials favoring eventual nominee Hillary Clinton over U.S. Senator Bernie Sanders during the party’s nominating contests. Three other senior officials also stepped down from the DNC after the leak.

“We have been anticipating that an additional batch of documents stolen by Russian agents would be released,” said Brazile, who took over from Wasserman Schultz on an interim basis.

Democratic Party sources said the party and Clinton’s presidential campaign were deeply concerned about possible publication by WikiLeaks or other hackers of a new torrent of potentially embarrassing party information ahead of the Nov. 8 election.

(Reporting by Eric Beech and Mark Hosenball; Editing by Peter Cooney)