Symantec: CIA's Leaked Hacking Tools Were Used In 40 Cyber Attacks In 16 Different Countries
The company's research indicates the CIA was using malware to spy on government entities across the globe.
New research indicates a large number of cyber attacks around the world were conducted using top-secret hacking tools exposed recently by WikiLeaks, according to security research group Symantec.
Reuters
The group implied on Monday that the cyber attacks on various organisations were likely carried out by the US Central Intelligence Agency (CIA). Files and emails earlier posted by WikiLeaks seem to show internal CIA discussions regarding hacking into smartphones, computer, software and chat apps, and even smart televisions.
Symantec now says it¡¯s connected at least 40 attacks on organisations in 16 different countries to the tools published by WikiLeaks, though the the research firm cannot officially pin blame on the CIA owing to its company policy.
So far, the CIA has refused to confirm the authenticity of the documents published by WikiLeaks, though other sources confirmed to Reuters that they were genuine. Meanwhile, CIA spokeswoman Heather Fritz Horniak says that any WikiLeaks disclosures aimed at damaging the intelligence community ¡°not only jeopardize U.S. personnel and operations, but also equip our adversaries with tools and information to do us harm.¡±
¡°It is important to note that CIA is legally prohibited from conducting electronic surveillance targeting individuals here at home, including our fellow Americans, and CIA does not do so,¡± she added. However, she¡¯s declined to comment on Symantec¡¯s research.
The CIA hacking tools that were leaked do not involve mass surveillance, something the agency is prevented from doing on American soil, though the organisations targeted in Symantec¡¯s research include government entities and targets of national security value, lead researcher Eric Chien said. In fact, some of these targets are in US-allied countries in Europe, some of whom Symantec says it was ¡°surprised were targets.¡± The hacked organisations included those in the financial, telecommunications, energy, aerospace, information technology, education, and natural resources sectors.
Other targets included those in the Middle East, Asia, and Africa. One computer that was infected in the United States, something Symantec was likely an accident, had the infection removed within hours. All the programs involved in the campaign were reportedly used to open back doors, and collect and remove copies of files, rather than to destroy anything.