The latest release from WikiLeaks claims that the CIA’s Mobile Devices Branch dedicated considerable resources to create malware intended to ” infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads.” The agency allegedly obtained a number of “zero day” attack methods from fellow government agencies like the NSA and FBI, but purchased others from Baitshop and similar cyber arms contractors. While iPhones only make up around 14.5 percent of the global smartphone market, WikiLeaks suggests ” the popularity of the iPhone among social, political, diplomatic and business elites” explains the government’s “disproportionate focus on iOS” as a hacking target.
The disclosures accuse the CIA of ignoring the U.S. government’s commitment to disclosing vulnerabilities it discovers in technology created by domestic manufacturers, choosing to leave the devices open to attack by “foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability’ rather than reporting the problems and closing off their own access. The report claims “specific CIA malware revealed in “Year Zero” is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts.” And because cyber weapons are infinitely portable and difficult to contain, Wikileaks contends that the exploits developed by intelligence agencies and the withholding of various security flaws has created an open market for government employees looking to sell that information to third parties. The report cites several intelligence employees who have been arrested, including Harold T. Martin III who allegedly stole 50,000 gigabytes of data ” from classified programs at NSA and CIA, including the source code for numerous hacking tools.” Apple hasn’t commented on the accusations.