The Hall of Mirrors

This is what we get for letting our intelligence agencies become black boxes. In the digital realm now there is no way whatsoever to determine who did what to whom when where and how. Bo

"According to WikiLeaks, the UMBRAGE team then “collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation. With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from.”"

WikiLeaks: CIA Uses ‘Stolen’ Malware to ‘Attribute’ Cyberattacks to Nations Like Russia
by LUCAS NOLAN, 7 Mar 2017
Documents released by WikiLeaks show that the CIA kept records of malware attacks supposedly stolen from outside agents, including the Russian government, used to “misdirect attribution” of hacking sources.
“The CIA’s hand crafted hacking techniques pose a problem for the agency,” WikiLeaks explains. “Each technique it has created forms a ‘fingerprint’ that can be used by forensic investigators to attribute multiple different attacks to the same entity.”
That’s where the CIA’s UMBRAGE team comes in. WikiLeaks describes the UMBRAGE team’s activities:
The UMBRAGE team maintains a library of application development techniques borrowed from in-the-wild malware. The goal of this repository is to provide functional code snippets that can be rapidly combined into custom solutions. Rather than building feature-rich tools, which are often costly and can have significant CI value, this effort focuses on developing smaller and more targeted solutions built to operational specifications.
According to WikiLeaks, the UMBRAGE team then “collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation. With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from.”
WikiLeaks (@wikileaks):
CIA steals other groups virus and malware facilitating false flag attacks #Vault7 https://wikileaks.org/ciav7p1/
8:18 AM - 7 Mar 2017
This means that the CIA could use a malware attack originally developed by another country to “misdirect attribution” for the hack away from themselves. Within the UMBRAGE arsenal of malware is a collection of “keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation, stealth, anti-virus (PSP) avoidance and survey techniques.” A directory of the tools collected by the UMBRAGE team can be found here.

Comments

Inannawhimsey:

This is one of the reasons I'm staying away from the IoT

When I buy something I want to be able to use all of it how I want; to be able to have responsibility and accountability

These people should really be paying all of us lol

---------
All that lives is holy, life delights in life.

--William Blake