The Islamic State's Tech Support Is Worried About CIA Hacking Tools

Whether Islamic State supporters will actually learn anything from reading the documents is another matter, though.

|
Apr 12 2017, 3:48pm

Image: VICE News

Over the past few weeks Wikileaks has published files allegedly concerning the CIA's hacking capabilities. Cybersecurity company Symantec has since linked some of the tools included in Wikileaks' "Vault 7" series to over 40 hacks around the world.

Plenty of others have been paying close attention to the releases too. Pro-Islamic State social media and Telegram accounts have been sharing a list of takeaways and other information gleaned from the recent alleged CIA dump.

Read more: When ISIS Hackers Call You Out By Name

"The increasing attention to matters of cybersecurity in the last several months may reflect a heightened fear and paranoia that the software and technology that facilitated the organization's stellar rise will ultimately betray them and their ideological aspirations," Jade Parker, senior research associate in VNSA Cybersecurity and Terrorist Use of the Internet at research group TAPSTRI told Motherboard.

In particular, pro-Islamic State accounts have posted links to a "things you should know" piece, laying out what they see as important points in the Wikileaks data. Terrorism analyst Michael S. Smith II shared a screenshot of the top-10 list on Twitter on Tuesday.

"Wikileaks has published thousands of documents that reveal the secrets of the biggest hack of the CIA, and includes the agency's ability to penetrate iPhones, Android, Smart TV, Microsoft, and operating systems Mac and Linux," a Google translated version of the Arabic language list reads.

Specifically, the list highlights the CIA's alleged use of kernel exploits, designed to target the heart of a device's operating system, and how the agency supposedly borrowed code from public malware samples. The post also points to the natural consequence of hacking phones directly—that spies will likely be able to circumvent the encryption on any messaging apps the target happens to be using.

"The CIA has the tools to enable them to have access to the entire phones, which of course leads to bypass the encrypted messaging applications," the post reads. (Although Wikileaks published a press release explicitly mentioning Signal and WhatsApp, and Islamic State supporters appear to have echoed it, no claims about either of those apps are actually included in the released documents).

Other recent Telegram posts include direct links to Wikileaks' press releases on the alleged CIA documents, and descriptions of what versions of Android specific exploits are effective against.

A pro-Islamic State group called Electronic Horizon Foundation, or just Horizons for short, has shared much of the material through it Telegram's channels. Horizons typically provides tutorials, guidance and other material related to information security—in short, a tech help desk.

Of course, how much the Islamic State or its supporters could actually learn from the Wikileaks releases, except being reminded that vulnerabilities in computers and software exist, is debatable.

"For ISIS, reducing the attack surface of their apps and devices from intelligence services are a matter of both physical and ideological survival," Parker said.

Subscribe to pluspluspodcast, Motherboard's new show about the people and machines that are building our future.