Wikileaks, an international non-profit organization that publishes secret information, fired a fresh salvo. The website that apparently got access to secret documents of U.S. Central Intelligence Agency (CIA) disclosed ingenious hacking techniques employed by the CIA for hacking everything from computers, smartphones, and TVs to compromising Internet routers and computers of the users.
The objective of this move was to bring into light the CIA’s global covert hacking program, its malware arsenal and dozens of weaponized exploits that the agency uses for a wide range of U.S. and European company products like Microsoft’s Windows platform (Including bypassing Windows Activation), Apple’s iPhone, and Google’s Android OS. These devices along with several others like Samsung TVs are turned into covert microphones or implements of espionage by secret cyber-tools of CIA.
The report from Wikileaks laid bare the designs and capabilities of the U.S. intelligence community’s closely guarded cyberweapons. This is likely to cause immediate damage to the CIA’s efforts in collecting intelligence overseas and put additional restrictions on the U.S to carry out its missions on espionage.
There are also reports that CIA has developed automated multi-platform malware attack and control systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB’s “HIVE” and the related “Cutthroat” and “Swindle” tools. HIVE is described below.
HIVE is a multi-platform CIA malware suite and its associated control software. The project provides customizable implants for Windows that are configured to communicate via HTTPS with the web server of a cover domain. Every single operation utilizing these implants has a separate cover domain that resolves to an IP address, located at a commercial VPS (Virtual Private Server) provider.
The public-facing server forwards all incoming traffic via a VPN to a ‘Blot’ server that is capable of handling actual connection requests from clients. It is setup for optional SSL client authentication: if a client sends a valid client certificate (only implants can do that), the connection is forwarded to the ‘Honeycomb’ tool server that communicates with the implant. The Honeycomb tool server then receives exfiltrated information from the implant.
Good news for the users is all this does not mean an end of privacy. There are a few methods via which one can communicate over the web and the phone without revealing their identity to CIA.
Prevent being spied on by CIA or Government
These are just some of the basic precautions one could. Obviously, these may not help if someone is hell-bent on monitoring you.
- At the basic level, you should always try to update your devices to the latest version of firmware. Install the latest updates for your operating system as well as ensure that all your installed software are updated to their latest versions.
- Use a good Antivirus software or an Internet Security Suite.
- Using a Proxy software or better still, using a VPN software on your Windows computer is strongly recommended. VPNs encrypt the data leaving your computer until the data reaches their servers. From there, a tunnel is formed where data is almost inaccessible due to security measures provided by the VPN service providers. Thus, you will be safer against spying.
- Only download apps from safe software download sites or authorized and legitimate stores like the Windows Store, iTunes or Google Play. The reason being we don’t want compromised apps coming onto our devices.
- Proceed with caution while opening email attachments or clicking on web links since more than 90 percent of attacks start with the email attachments & links.
- Ensure the websites you browser are secured with the valid certificate—look for the padlock icon/ green bar in the browser.
- Avoid Jailbreaking your smartphone. Jailbreaking is the technique of removing software restrictions imposed by the manufacturer’s operating system.
- Disable your webcam and turn off your microphone, when not in use.
- Don’t use popular Chat clients as they are usually targetted by government surveillance agencies. Look for a low-level, new chat company that hasn’t been sighted yet by bigwigs. You should be aware that Facebook Chats, WhatsApp Chats, etc, can be easily monitored.
- Take some precautions while using public WiFi and always turn off your Computer or switch off the Internet connection, when not in use. This is because, with the growth of high-speed Internet connections, many users opt to keep their computers on all the time, even when they are away from the machine for a long time. Such “Always On” computers are more susceptible. make sure that you have secured your WiFi network even at home.
- If you are using smart IoT devices like Smart TVs, etc, you need to take more care in securing IoT devices. Check if any of your IoT devices have been compromised.
- Most cell phones these days communicate via GPS data with orbiting satellites. This helps phones tracks your position at all times. So, if it’s possible, avoid using a phone that does not feature GPS technology.
- Make use of Detekt, a free anti-surveillance software for Windows.
- Encrypt your emails before you send them. Remember that the connections to the email servers too need to be encrypted so you need to use email clients that can use add-ons to encrypt the email text. Outlook, Thunderbird and almost all email clients support an end to end encryption.
Read: How do I know if my Computer has been Hacked and what to do next.
How do you know if you are being spied on
There are some tell-tale signs that can let you know if someone is spying your phone or computer. Here are some of them:
- Your Internet Speed has become sluggish and slow.
- If you are a smartphone user do you find your Smartphone screen staying lit even when you try to turn it off? If it does, it should ring a warning bell.
- Your mouse moves automatically to make selections.
- Are the apps installed on your Smartphone or PC running slower than usual? Are there unfamiliar applications running in the background? Does it take an unusually long time to shut down? If the answer to all these questions is in big ‘YES’ then, it could mean that your PC or Smartphone might be hiding something and therefore needs further investigation.
- There is a marked increase in Network activity, or your Firewall is busy blocking several outward connection requests.
This article on how to protect yourself from NSA spying & snooping will give you additional tips that may help you protect yourself from government surveillance systems.
Besides being extremely unpleasant for invading privacy, tracking poses a genuine risk. Take care and stay safe!