CIA Hackers: Why WikiLeaks 'Vault 7' Becomes a Wake-Up Call For Users, IT Giants

The lobby of the CIA Headquarters building in McLean, Virginia. © REUTERS / Larry Downing
The world's IT giants are scrupulously analyzing the latest WikiLeaks disclosure of the CIA's hacking practices, and signaling that many of the vulnerabilities mentioned in the leaked reports have already been patched. However, it appears that it's too early to heave a sigh of relief.

The release of the much discussed Vault 7 has become a wake-up call for computer users and IT giants: this time WikiLeaks, an international non-profit organization that publishes secret information from anonymous sources, has unveiled how the mighty CIA has been hacking the entire world.

The files, leaked by the non-profit organization, indicate that for years the CIA has been methodically seeking and exploiting vulnerabilities in globally famous software and hardware platforms in order to take control of them.

According to the documents, the CIA hacking group possessed tools allowing it to infect a target computer while bypassing PSPs (Personal Security Products).

For instance, one of the files, entitled "Kaspersky 'heapgrd' DLL Inject," describes vulnerabilities in the PSPs of Russian cybersecurity provider Kaspersky Lab.

"The Kaspersky AVP.EXE process references a DLL called WHEAPGRD.DLL. This DLL is supposed to be located in one of the Kaspersky directories (which are protected by the PSP). Due to a UNICODE/ASCII processing mistake, the DLL name is prepended with the Windows installation drive letter, rather than the full path to the DLL. For typical installations, this causes Kaspersky to look for the DLL 'CWHEAPGRD.DLL' by following the standard DLL search path order. Loading our own DLL into the AVP process enables us to bypass Kaspersky's protections," the document reads, adding that "this vulnerability is limited to some of Kaspersky's previous releases."

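The "UNICODE/ASCII processing mistake" quoted above, sketched as an added example (not code from the leaked document, Kaspersky Lab or this article). It assumes the mechanism is a UTF-16 directory buffer handled as a narrow string; the directory `C:\AV\` and all function names are hypothetical.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: install directory "C:\AV\" as UTF-16LE bytes, the
   encoding Windows wide-character APIs return. The path is hypothetical. */
static const unsigned char WIDE_DIR[] = {
    'C',0, ':',0, '\\',0, 'A',0, 'V',0, '\\',0, 0,0
};

/* Buggy: treats the wide buffer as a narrow C string. The first 0x00 byte
   (high half of 'C') ends the string, so only the drive letter survives. */
static void build_path_buggy(char *out, size_t n, const char *dll) {
    snprintf(out, n, "%s%s", (const char *)WIDE_DIR, dll);
}

/* Fixed: narrows each 16-bit unit (ASCII-only sample) before appending. */
static void build_path_fixed(char *out, size_t n, const char *dll) {
    size_t j = 0;
    for (size_t i = 0; j + 1 < n && (WIDE_DIR[i] || WIDE_DIR[i + 1]); i += 2)
        out[j++] = (char)WIDE_DIR[i];
    out[j] = '\0';
    strncat(out, dll, n - j - 1);
}

/* Loader-side guard: a name that is not a drive-qualified absolute path
   would be resolved through the DLL search order, so refuse to load it. */
static int is_absolute_win_path(const char *p) {
    return strlen(p) >= 3 && isalpha((unsigned char)p[0]) &&
           p[1] == ':' && (p[2] == '\\' || p[2] == '/');
}

int main(void) {
    char bad[64], good[64];
    build_path_buggy(bad, sizeof bad, "WHEAPGRD.DLL");
    build_path_fixed(good, sizeof good, "WHEAPGRD.DLL");
    printf("%s absolute=%d\n", bad, is_absolute_win_path(bad));
    printf("%s absolute=%d\n", good, is_absolute_win_path(good));
    return 0;
}
```

The buggy builder yields the bare name `CWHEAPGRD.DLL`, matching the name in the quoted document, and the absolute-path guard rejects it before any search-path lookup could occur.
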
The other document presents a screenshot of a "selected number of DLL misses from Kaspersky TDSS Killer Portable."

Commenting on the issue, Kaspersky Lab spokesperson Olga Bogolyubskaya told Sputnik that the aforementioned DLL "heapgrd" vulnerability had been disclosed and fixed back in 2009.

"Moreover, all new company products are subject to mandatory testing for this and other vulnerabilities before release," she stressed.

"The products mentioned by WikiLeaks (KIS 7, KIS 8, WKSTNMP3) are obsolete versions of Kaspersky Lab's security software; [the company] has not provided technical support for these products for several years," Bogolyubskaya explained.

Indeed, the CIA report published by WikiLeaks admits that Kaspersky Lab's more recent software products KIS 9+ and WKSTN MP4 do not have this vulnerability.

"As for the DLL inject vulnerability in the TDSSKiller utility, also mentioned in the WikiLeaks report, it was closed in December 2015," she said.

"Kaspersky Lab emphasizes that the documents published by WikiLeaks do not indicate that the given vulnerabilities were applied in practice against the solutions of Kaspersky Lab or other manufacturers of security software, but [they] describe the software analysis by using a 'reverse engineering' method," Bogolyubskaya elaborated.

Earlier Kaspersky Lab said in an official statement that it is currently studying the latest reports released by WikiLeaks.

"Kaspersky Lab is thoroughly studying the report published on WikiLeaks on March 7, 2017 in order to make sure that our clients are out of danger. The company pays special attention to such reports and statements," the statement said, highlighting that the cybersecurity of Kaspersky Lab's clients is the company's top priority.

For its part, American cybersecurity provider Comodo Group, Inc., also mentioned in leaked CIA reports, said that the vulnerability in Comodo 6 antivirus, described by the CIA, was obsolete.

Likewise, Apple Inc. called attention to the fact that "many of the issues leaked today were already patched in the latest iOS."

"While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities. We always urge customers to download the latest iOS to make sure they have the most recent security updates," an Apple spokesperson said as quoted by Techcrunch.com.

While the world's leading software and hardware developers rushed to announce that they have either patched or are analyzing the vulnerabilities highlighted by WikiLeaks' CIA exposure, Google Inc. was the last one to dispel the mounting doubts.

"As we've reviewed the documents, we're confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities. Our analysis is ongoing and we will implement any further necessary protections. We've always made security a top priority and we continue to invest in our defenses," Heather Adkins, Google's Director of Information Security and Privacy, told Recode.net.

Does this mean that computer users across the globe may now breathe a huge sigh of relief?

Unlikely. The truth of the matter is that the disclosure covers the period between 2013 and 2016 and apparently presents just the tip of the iceberg.

"The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers," the WikiLeaks press release says.

"In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA's hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons," WikiLeaks highlights.
