While the CIA scrambles to defend itself and the FBI hunts for the likely candidate responsible for WikiLeaks’ Vault 7 leak – a trove of CIA documents highlighting the intelligence agency’s ability to hack and spy – an important piece of the puzzle remains largely ignored.
The still unproven ‘The Russians Did It’ theory about the hack involving last year’s US elections now drowns in murky waters. Whether or not the Russians were responsible for interfering with the election process, the Vault 7 leak inhibits any further debate.
The CIA had all the tools necessary to make it appear that the Russians had interfered, and this is vital to the debate. The CIA has now been revealed as having the ability to cloak itself as another country, leaving behind ‘fingerprints’ to confuse investigators. The agency’s deceptive capabilities are substantial, and the techniques used are probably “techniques ‘stolen’ from malware produced in other states including the Russian Federation.”
“The CIA’s hand crafted hacking techniques pose a problem for the agency. Each technique it has created forms a ‘fingerprint’ that can be used by forensic investigators to attribute multiple different attacks to the same entity.
“This is analogous to finding the same distinctive knife wound on multiple separate murder victims. The unique wounding style creates suspicion that a single murderer is responsible. As soon one murder in the set is solved then the other murders also find likely attribution.”
With this context now in the public arena, disproving that any detected electronic markings attributed to the Russian government were in fact left by the CIA becomes extremely difficult, if not unlikely.
“With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from,” WikiLeaks states in its release.
“UMBRAGE components cover keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation, stealth, anti-virus (PSP) avoidance and survey techniques.”
The Codex document, also part of the Vault 7 release, sheds further light on the “important aspect” of the “system fingerprint” and how it can be utilised.
Although the CIA has said little on the authenticity of the released documents, it has defended its work. Ryan Trapani, a spokesman for the CIA, stated that WikiLeaks has “equip[ped] our adversaries with tools and information to do us harm,” further saying the CIA is legally prohibited from spying on individuals in the US.
Although the hacking tools and the CIA’s abilities don’t prove that the CIA planted evidence, in the form of these ‘fingerprints’, to incriminate the Russian Federation, they do water down the ‘The Russians Did It’ argument. The significance of this release is only starting to be recognized.