Grab a tin foil hat, your TV is watching you.
The opinions expressed in this article reflect those of the author, Tom Dodd, and not entrustIT
In the past, if you claimed that the Government was listening into your conversations through your TV, you might be placed in a straitjacket and carted off to the nearest mental health facility. Unfortunately, thanks to a huge data release by WikiLeaks this week, your claims would be entirely justified.
As a consumer, you may have heard of the “internet of things”. Perhaps you scoffed at the thought that your fridge needs an internet connection. The principle is that the internet of things allows us the ability to control aspects of our appliances from our smartphones. Modern appliances are becoming internet enabled and we are each being pushed to embrace a ‘smart home’, whereby our computers, televisions, lights, heating and even door locks can be controlled via apps on our smartphones. The theory sounds great, but the reality may be far darker.WikiLeaks creates more headaches for the Government
On 7th March, WikiLeaks issued a press release codenamed “Vault 7”. In it are details of the CIA’s cyber-weapons programme, called ‘zero day’. These include malware, viruses and Trojans. The several hundred million lines of code included in zero day give the possessor the entire hacking capacity of the CIA. The leak even reveals a tool to listen in on conversations using smartphone or smart TV microphones. What’s more, the CIA (and GCHQ) appear to have been extremely irresponsible with the handling of these tools.
After the Edward Snowden leaks, the Obama administration promised that security vulnerabilities discovered by intelligence services would be released to the US based tech manufacturers on an ongoing basis. The Vault 7 leak shows that the CIA has instead been hoarding discovered vulnerabilities – presumably since they wanted them to remain open. The trouble is, if US intelligence agencies are aware of these flaws, is it not reasonable to assume that other agencies are too? Or that they will be in the future?
By discovering these flaws (in popular operating systems such as Windows, iOS, MacOS and Android) and opting not to inform the developers, they remain open to exploitation – including by those who seek to do harm. Specific CIA malware revealed in the leak is even able to penetrate both iPhone and Android software running presidential Twitter accounts. Given President Trump’s love affair with Twitter, and that one tweet from his account has the power to send stock prices plummeting, or worse still, potentially start a war, how valuable is that malware to a dangerous hacker?
Edward Snowden has had his say on the leaks
A difficult balancing act
Balancing public safety with public freedom is a difficult process. You may feel entirely relaxed about the intelligence agencies’ ability to hack into your TV if it means that you don’t become a victim of terrorism. However, in an effort to protect the public from violent terrorism, the CIA has left the public open to cyber terrorism. Some would argue that cyber weapons have the potential to deal more damage than conventional weapons. Once malicious code is out there, it is relatively easy to copy and extremely difficult to control. The very fact that this latest leak has been released indicates that the CIA and NSA cannot keep control of their sensitive data.
To be concerned about dangerous hacking tools falling into the wrong hands, or the possibility that you could be spied on in your own home is no longer a paranoid delusion. The threat is very real. The agencies that exist to protect us have left us vulnerable as a result of their recklessness.
The Bottom Line
Vault 7 is a goldmine of information – and it is damning for the agencies involved. Not only have intelligence agencies been working hard to discover vulnerabilities to spy on citizens, they have kept them to themselves – leaving them open to be exploited by hackers and terrorists. Whilst it is entirely justified to monitor terrorists, who determines who is a terrorist? How broad is that definition? We must be careful that we do not let intelligence agencies abuse the threat of terror to justify robbing us of our freedom.
In the short term, we can expect to see major tech companies patching the vulnerabilities exposed in Vault 7. Yet, we now have an idea of the lengths major intelligence agencies will go to in order to harvest information. More vulnerabilities will be found, and likely hoarded, until they are again exposed. The public should not sit by and accept that this a reality of modern life. These agencies must be held accountable for their failings.
The press release of Vault 7 can be found here. If you have an interest in cyber security – it is worth reading.
Subscribe here!
Recent Posts
Posts by tag
- technology (124)
- Security (97)
- cyber security (85)
- IT Security (81)
- Cloud (65)
- Microsoft 365 (63)
- modern technology (62)
- Managed Service (60)
- business (60)
- cloud computing (59)
- cyber attack (54)
- workplace (54)
- IT support (53)
- cloud it (53)
- Microsoft Teams (52)
- microsoft (51)
- Working from home (50)
- productivity (47)
- office (46)
- cybersecurity (44)
- office 365 (44)
- IT (41)
- Uncategorised (38)
- employees (38)
- entrustit (38)
- flexible work (36)
- Password Security (34)
- Remote (33)
- efficiency (31)
- Hosted Workspace (30)
- hosted desktop (30)
- schools (29)
- independent schools (28)
- school ict (27)
- collaboration (26)
- 2023 (25)
- Cyber (24)
- cyber privacy (22)
- public cloud (22)
- computing (21)
- email security (20)
- password (20)
- it support bournemouth (19)
- passwords (19)
- entrust (18)
- hosted applications (18)
- VoIP (17)
- cloud voip (17)
- covid19 (17)
- hacking (17)
- private cloud (17)
- data (16)
- it support dorset (16)
- teamwork (16)
- Coronavirus (15)
- GDPR (14)
- hackers (14)
- office 365 support (14)
- ransomware (14)
- IT audit (13)
- Protection (13)
- cloud cctv (13)
- covid-19 (13)
- hack (13)
- it support hampshire (13)
- management (13)
- network (13)
- Hosted Desktop and Applications (12)
- Windows Virtual Desktop (12)
- cctv (12)
- hardware (12)
- internet (12)
- it consultancy (12)
- 2020 (11)
- 2022 (11)
- hybrid cloud (11)
- internet safety (11)
- IT costs (10)
- Microsoft Planner (10)
- data breach (10)
- it consultancy bournemouth (10)
- it support southampton (10)
- it support winchester (10)
- phishing (10)
- vulnerabilities (10)
- windows (10)
- windows 10 (10)
- Backup (9)
- bitwarden (9)
- digital (9)
- it consultancy hampshire (9)
- telephony (9)
- attack (8)
- communication (8)
- desk phone (8)
- education (8)
- eu (8)
- it consultancy dorset (8)
- it consultancy southampton (8)
- msp (8)
- planning (8)
- software (8)
- staff (8)
- uk (8)
- Google (7)
- OneDrive (7)
- infrastructure (7)
- mobile (7)
- offsite backup (7)
- outsource (7)
- partnership (7)
- 2019 (6)
- Apple (6)
- Hampshire (6)
- IT Director (6)
- Skype for Business (6)
- apps (6)
- architect (6)
- child protection (6)
- cloud storage (6)
- european union (6)
- hacks (6)
- legal (6)
- legal it (6)
- mobile phones (6)
- onsite backup (6)
- password manager (6)
- remote desktop service (6)
- usecure (6)
- virus (6)
- 3d design desktop (5)
- Azure (5)
- Bournemouth (5)
- Desktop (5)
- ISO (5)
- News (5)
- Risk assessment (5)
- Windows 7 (5)
- awards (5)
- brexit (5)
- designer (5)
- personal data (5)
- resources (5)
- smartphone (5)
- website (5)
- Access Management (4)
- BYOD (4)
- Dorset (4)
- Facebook (4)
- Government (4)
- SharePoint (4)
- VPN (4)
- WannaCry (4)
- ios (4)
- law (4)
- legacy (4)
- proactive (4)
- remote learning (4)
- 2021 (3)
- 2024 (3)
- Attacks (3)
- Case Studies (3)
- General (3)
- Google Drive (3)
- Help (3)
- IP (3)
- Microsoft Forms (3)
- NHS (3)
- New Forest (3)
- Zoom (3)
- big switch off (3)
- budgets (3)
- citrix (3)
- closed cloud (3)
- ddos (3)
- digital hub (3)
- disaster recovery (3)
- guide (3)
- instagram (3)
- internet of things (3)
- meetings (3)
- sme (3)
- storage (3)
- surrey (3)
- teaching (3)
- trump (3)
- twitter (3)
- 2016 (2)
- 2018 (2)
- CAD (2)
- DR (2)
- DR planning (2)
- Environment (2)
- Firewall (2)
- Gen Z (2)
- ISBA (2)
- Local (2)
- Macs (2)
- Microsoft Copilot (2)
- PaaS (2)
- Tiva (2)
- android (2)
- artificial intelligence (2)
- award winning (2)
- bcs (2)
- broadband (2)
- camcloud (2)
- computer performance (2)
- digital transformation (2)
- downtime (2)
- dropbox (2)
- exhibition (2)
- finalist (2)
- innovation (2)
- legalex (2)
- london (2)
- macos (2)
- online meetings (2)
- organisation (2)
- paypal (2)
- predictions (2)
- president (2)
- strategy (2)
- united kingdom (2)
- us (2)
- video conferencing tools (2)
- 1998 (1)
- 5G (1)
- AI (1)
- AMD (1)
- ARM (1)
- Abbey Hill (1)
- Aldwickbury Park (1)
- BBC (1)
- BUNKERS! (1)
- Birchwood Park (1)
- Burhill (1)
- Burhill Group (1)
- Burnout (1)
- CEO (1)
- ChatGPT (1)
- Cloudtango (1)
- GPT-4 (1)
- Go Integrator (1)
- Hoebridge (1)
- Ignite 2018 (1)
- Ignite 2020 (1)
- Leaders (1)
- Loop (1)
- MFA (1)
- MSP Select 2024 (1)
- Market (1)
- May (1)
- Mr Mulligans (1)
- Multi Factor Authentication (1)
- MyAnalytics (1)
- Ninja Warrior UK (1)
- PBX (1)
- PM (1)
- Power BI (1)
- Privacy Shield (1)
- Ramsdale Park (1)
- Redbourn (1)
- Regulation (1)
- Surrey Business Awards (1)
- Sydenhams (1)
- Tech Company of the Year (1)
- The Business Magazine (1)
- Thornbury (1)
- WCry (1)
- WannaCrypt (1)
- Wifi (1)
- Wycombe Heights (1)
- acquisition (1)
- afc bournemouth (1)
- afcb (1)
- ashley madison (1)
- b2b (1)
- bandwidth (1)
- battersea (1)
- beach (1)
- big data (1)
- bloatware (1)
- blockchain (1)
- builders merchant (1)
- cambridge analytica (1)
- canada (1)
- cia (1)
- clinton (1)
- cnn (1)
- copilot (1)
- copilot pro (1)
- copyright (1)
- cryptocurrency (1)
- dark web (1)
- dns (1)
- donald (1)
- dyn (1)
- east grinstead (1)
- election (1)
- equality (1)
- executive order (1)
- farnham (1)
- fax (1)
- football (1)
- gchq (1)
- grinstead (1)
- intel (1)
- intelligence (1)
- josh widdicombe (1)
- landmarks (1)
- learning (1)
- legal technology forum (1)
- machine learning (1)
- meltdown (1)
- millennials (1)
- mirai (1)
- no-deal (1)
- onsite (1)
- paper (1)
- patisserie valerie (1)
- performance reviews (1)
- pound (1)
- premier league (1)
- procrastination (1)
- recruitment (1)
- research (1)
- serval systems (1)
- sharefile (1)
- smishing (1)
- snowden (1)
- solent (1)
- solent business awards (1)
- solentBA (1)
- spectre (1)
- sterling (1)
- storm (1)
- talktalk (1)
- trumppresident (1)
- ukitawards (1)
- united states (1)
- usa (1)
- vault 7 (1)
- vitality stadium (1)
- whatsapp (1)
- white (1)
- white house (1)
- wikileaks (1)
- wireless internet bournemouth (1)
- wireless internet southampton (1)
- women in business (1)
- xiongmai (1)
- year (1)