Cybersecurity firm Symantec has found that a number of past cyberattacks were conducted with tools used by the U.S. Central Intelligence Agency, said Reuters. What this could potentially mean is that these cyberattacks on global organizations were conducted by the CIA.
Symantec reported connecting some 40 attacks in 16 countries to the CIA tools. The tools in question, noted Reuters, were of the same kind leaked last month on WikiLeaks and include capabilities to hack into smartphones, computers and other electronics. The CIA hasn’t confirmed the authenticity of the leaked documents.
An agency spokeswoman told Reuters that the disclosures by WikiLeaks “not only jeopardize U.S. personnel and operations, but also equip our adversaries with tools and information to do us harm. It is important to note that [the] CIA is legally prohibited from conducting electronic surveillance targeting individuals here at home, including our fellow Americans, and [the] CIA does not do so.”
The hacking tools in questions were not leveraged for mass surveillance, and the targets in question were government entities or had legitimate national security value for other reasons, Symantec reportedly said.
Last month it came to light that the CIA was using a myriad of devices and products, including smart televisions, smartphones and anti-virus software, to conduct surveillance on their owners.
The documents WikiLeaks published described capabilities of recording sounds, images and text messages of those using devices, whether or not the communication was encrypted. The report highlighted the many ways in which the CIA may be turning vulnerabilities into attack tools.
“The argument that there is some terrorist using a Samsung TV somewhere — as a reason to not disclose that vulnerability to the company, when it puts thousands of Americans at risk — I fundamentally disagree with it,” Alex Rice, chief technology officer for HackerOne, said.