WikiLeaks sparks conspiracy theory that CIA hacked the DNC, not Russia
Well, that didn’t take long.
Within hours of WikiLeaks publishing thousands of CIA documents on Tuesday, pro-Russian websites began pushing a new theory that absolves Russia of the cyberattacks that upended the Democratic Party last summer.
Among files that reveal how the Central Intelligence Agency is able to hack smartphones and internet-connected TVs, WikiLeaks disclosed that a subdivision of the CIA, known as “Umbrage,” maintains a catalog of malware derived from various sources, including foreign cyberespionage groups. This library of exploits may be used by the CIA to “provide functional code snippets that can be rapidly combined into custom solutions,” one of the WikiLeaks-released documents says.
In other words—for the sake of expediency—the agency uses existing code from malicious tools discovered “in the wild” to piece together its own custom malware rather than create every tool it uses from scratch.
Umbrage is the first CIA operation highlighted by WikiLeaks in its press release under a section describing “examples” of “around 500 different projects” uncovered in the leak. (Only a fraction of the projects are disclosed in the first release, which WikiLeaks has dubbed “Year Zero.”)
WikiLeaks tweeted that this collection of malware must be used by the CIA to conduct “false flag” attacks because the borrowed code would contain “fingerprints” pointing forensic investigators towards the code’s creator rather than the CIA itself.
— WikiLeaks (@wikileaks) March 7, 2017
All of this immediately gave rise to a new conspiracy theory: the CIA must have hacked the Democratic National Committee itself and blamed Russia. The website Sputnik International, which is owned and operated by the Russian government, was happy to entertain this theory, as was the “citizen journalism” website Russia Insider, which asserted that any evidence of hacking that points to Russia “must now be dismissed as either fake or meaningless.”
Milo Yiannopoulos, the former Breitbart editor who resigned last month after a video circulated in which he appeared to endorse sexual relations with 13-year-old boys, also began pushing the theory on his personal website under the headline: “Did the CIA deliberately mimic Russian hacking protocols?”
(Disclosure: Yiannopoulos was the founder of the Kernel, a publication the Daily Dot acquired in 2014.)
Others followed suit on Twitter:
CIA uses techniques to make cyber attacks look like they originated from enemy state. It turns DNC/Russia hack allegation by CIA into a JOKE
— Kim Dotcom (@KimDotcom) March 7, 2017
Russia said they hacked nothing. Assange said Russia didn't provide the emails. Now we learn CIA can make a hack "look" like Russia.
— Bill Mitchell (@mitchellvii) March 7, 2017
So people be telling me that Russia hacked Clinton for Trump. But now I see it was actually the CIA, and its all a setup. #Vault7
— Andre (@Potatomed) March 7, 2017
While the “component library” of the CIA files notes that the code is “borrowed from in-the-wild malware”—meaning malware that has already been detected or exposed in some fashion—WikiLeaks described the tools as “attack techniques ‘stolen’ from malware produced in other states including the Russian Federation.” WikiLeaks did not highlight in its press release any other countries from which the Umbrage malware supposedly originates.
Of course, there’s nothing particularly controversial about the CIA accumulating malware. Prior to the publication of the so-called “Vault 7” files, it was widely accepted that the CIA—like the National Security Agency—frequently uses hacking tools, including those not created by American coders. Any number of cybersecurity experts familiar with attacks by “state actors” would have gladly admitted as much, even before the WikiLeaks release.
While reporting in December that a U.S. cybersecurity firm was “highly confident” that Russia was behind the DNC attack, the Daily Dot noted that, “Attribution with regards to cyberattacks is difficult and often problematic,” adding: “Malware can be stolen; it can be re-packaged and sold on the black market; and it can be used as well to throw off investigators.”
That these new CIA documents help illustrate how nebulous cyberthreat attribution can be is a good thing. But ultimately, they offer no proof that the CIA had any hand in hacking the Democrats.
Dell Cameron was a reporter at the Daily Dot who covered security and politics. In 2015, he revealed the existence of an American hacker on the U.S. government's terrorist watchlist. He is a co-author of the Sabu Files, an award-nominated investigation into the FBI's use of cyber-informants. He became a staff writer at Gizmodo in 2017.