In an age of nation-state level cyberwarfare, countries with the best hacking tools are the new military powers. The US has been aggressive in efforts to find new and powerful vulnerabilities to exploit, and slow in disclosing them to technology vendors. But it has also not been effective in keeping those secrets from falling into the hands of hackers such as the Shadow Brokers and whistle-blower sites such as WikiLeaks and the Intercept.
Which raises the question: how much damage can such leaks do, and should the likes of WikiLeaks be disclosing them in the first place?
Vault 7 showed capabilities, Vault 8 shows actual code
With Vault 7, WikiLeaks documented many of the CIA’s activities and capabilities. Though it led to revelations about how the intelligence agency could hack all manner of devices and systems – from cars and smart TVs to web browsers and Operating Systems, it never outlined explicitly how these attacks were done.
The Vault 8 disclosures, however, sees the whistle-blower site take a different approach. The leaks will release source code for those CIA software projects. So far, only one project—a back-end infrastructure project called Hive—has been released. But more are due to follow. And this could potentially have major repercussions.
NSA-based exploits published by the Shadow Brokers hacker group led to both the WannaCry and NotPetya attacks, while some suggest that many of the publicised methodologies used by the NSA have also been adopted by cyber criminals. WikiLeaks claims all the material published in Vault 8 will not contain the material published by zero-days or other vulnerabilities which could be repurposed by others. However, some remain unconvinced.