The origin of a trove of documents released by WikiLeaks, which allegedly detail the CIA’s “entire hacking capacity,” remains unknown—leading to wide speculation about who could be behind it.
WikiLeaks editor Julian Assange has called the revelations “exceptional from a political, legal and forensic perspective.” However, many within the security industry believe there is nothing particularly surprising about an intelligence agency being involved in such surveillance tactics. Yet the question of who was behind the revelations remains unanswered.
“The actual headline here is that someone apparently managed to compromise a Top Secret CIA development environment, exfiltrate a whole host of material, and is now releasing it to the world,” Nicholas Weaver, a security researcher at the International Computer Science Institute in Berkeley, said in a blogpost. “Now the world wants to know who, and how, and why.”
Security experts and government officials have suggested the source could range from state-backed actors to a CIA insider. One official speaking to Reuters anonymously suggested it was more likely to be contractors, because there were no signs Russia had tried to use the information. The leaker, if it is an individual, is already being dubbed Snowden 2.0, in reference to similar surveillance revelations from NSA whistleblower Edward Snowden in 2013.
WikiLeaks even appeared to boast about trumping the revelations of Snowden, who chose to take classified files to journalists rather than release them through Assange’s organization, saying in a press release that part one of the Vault 7 documents “already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.”
The CIA has yet to confirm the authenticity of the leaks, with a spokesperson saying in a statement: “The CIA has no comment on the authenticity of the content of the purported intelligence documents.”
If it is an individual, they can expect to face a severe backlash from the U.S. government. Former WikiLeaks whistleblower Chelsea Manning was sentenced to 35 years in prison for leaking sensitive and classified military documents. Manning, a transgender former U.S. soldier, had her sentence commuted by the outgoing President Barack Obama in January and is expected to be released later this year.
Speculation that Russia may be involved in the leak stems from the narrative that WikiLeaks may have some form of backing from the Kremlin, or at least sides with Russia over the United States. During the U.S. presidential elections in 2016, WikiLeaks exposed private emails from Hillary Clinton and members of her staff. Democrats criticized the organization, claiming that it undermined Hillary Clinton’s campaign, without releasing documents that compromised Trump. FBI probes on hacking during the election, including that of the Democratic National Convention, and investigations on possible Russian influence are ongoing.
One of the revelations from the Vault 7 documents was that the CIA is allegedly able to engage in “false flag” cyberattacks that can make it appear that they are originating in Russia. According to WikiLeaks, the CIA’s UMBRAGE group, from the intelligence agency’s Remote Devices Branch, “collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation.”
Unusually for WikiLeaks, the whistleblowing organization chose to redact and anonymize some identifying information, including tens of thousands of CIA targets across Latin America, Europe and the United States.
Until someone comes forward, or WikiLeaks provides more information, the source will remain in the realm of speculation. In an email to Newsweek, computer security expert Mikko Hypponen said that until then, it will be one of many questions that remain unanswered.
“The question is who leaked it to Wikileaks? The Russians, an insider? We don’t know the answer,” Hypponen said. “Another question we need to ask us, why was it leaked now? We don’t know this either.”