WASHINGTON — The FBI has launched a criminal investigation into the security breach that resulted in the publication of detailed records concerning the CIA's supersecretive computer hacking operations, according to a U.S. official familiar with the matter.
Nearly 9,000 of those documents were posted Tuesday by WikiLeaks , providing a detailed look at the CIA's efforts to capture conversations, encrypted communications and online browsing data by hacking into smartphones, computers and even televisions.
The U.S. official who confirmed the existence of the federal probe requested anonymity to discuss the sensitive investigation. CNN reported that the FBI and CIA "are coordinating reviews of the matter."
Reuters reported Wednesday that the intelligence community has been aware since last year of a security breach that led to the publication of the records.
Current and former U.S. officials have said the publication of the tools could harm the ability of the United States to gather intelligence on other countries and terrorists.
Carol Cratty, an FBI spokeswoman, referred calls on the matter to the CIA. Heather Horniak, a CIA spokeswoman, declined to comment. The spy agency has refused to confirm the authenticity of the documents.
It is no surprise that the CIA uses malicious software to gather information about specific individuals. Even so, the leaked documents are a stunning look at the agency's hacking capabilities.
On Wednesday, WikiLeaks raised the prospect of sharing sensitive details it uncovered about CIA hacking tools with leading technology companies whose flagship products and services were targeted by the U.S. government's hacker-spies.
If that sharing should take place, the unusual cooperation would give companies like Apple, Google, Microsoft, Samsung and others an opportunity to identify and repair any flaws in their software and devices that were being exploited by U.S. spy agencies and some foreign allies, as described in the file WikiLeaks published.
The documents, which the White House declined anew Wednesday to confirm as authentic, describe clandestine methods for bypassing or defeating encryption, antivirus tools and other protective security features for computers, mobile phones and even smart TVs. They include the world's most popular technology platforms, including Apple's iPhones and iPads, Google's Android phones and the Microsoft Windows operating system for desktop computers and laptops.
"This is the kind of disclosure that undermines our security, our country and our well-being," White House spokesman Sean Spicer said. "This alleged leak should concern every single American."
Spicer defended then-candidate Donald Trump's comment in October 2016 — "I love WikiLeaks!" — after it published during the presidential campaign private, politically damaging emails from Hillary Clinton's campaign manager. Spicer said there was a "massive, massive difference" between WikiLeaks publishing stolen, personal emails of a political figure and files about national security tools used by the CIA.
WikiLeaks has not released the actual hacking tools themselves, some of which were developed by government hackers while others were purchased from outsiders. The group indicated it was still considering its options but said in a statement Wednesday: "Tech companies are saying they need more details of CIA attack techniques to fix them faster. Should WikiLeaks work directly with them?" It wasn't clear whether WikiLeaks — a strident critic of Google and Facebook, among others — was serious about such action.
A message from the Associated PRess seeking additional details from WikiLeaks was not immediately returned, and an attempt to speak to founder Julian Assange at the Ecuadorean Embassy in London on Tuesday was rebuffed.
Security experts said WikiLeaks was obligated to work privately with technology companies to disclose previously unknown software flaws, known as zero-day vulnerabilities because consumers would have no time to discover how to defend themselves against their use, and with companies that design protection software. WikiLeaks has said the latest files apparently have been circulating among former U.S. government hackers and contractors.
"The clear move is to notify vendors," said Chris Wysopal, co-founder and chief technology officer of Veracode Inc. "If WikiLeaks has this data then it's likely others have this data, too. The binaries and source code that contain zero days should be shared with people who build detection and signatures for a living."
The political fallout and damage to U.S. intelligence operations was still being assessed. The former head of the CIA and National Security Agency, Michael Hayden, sought to assure people the U.S. would use such cyber weapons only against foreign targets.
"I can tell you that these tools would not be used against an American," Hayden said Tuesday night on The Late Show with Stephen Colbert.
"But there are people out there that you want us to spy on. You want us to have the ability to actually turn on that listening device inside the TV, to learn that person's intentions. This is a wonderful capability. You give the intelligence community $53 billion a year. You've got to get something for your money."
One clear risk is that WikiLeaks revealed enough details to give foreign governments better opportunities to trace any of the sophisticated hacking tools they might discover back to the CIA, damaging the ability to disguise a U.S. government hacker's involvement. "That's a huge problem," said Adriel T. Desautels, the chief executive at Netragard LLC, which formerly sold zero-day exploits to governments and companies. "Our capabilities are now diminished."
Some vendors were already sifting through the disclosures to fix flaws in their software. The first confirmed patch came from Avira Operations GmbH & Co., a German antivirus vendor, which told the Associated Press it fixed what it described as "a minor vulnerability" within a few hours of the WikiLeaks release.
Apple said many of its security vulnerabilities disclosed by WikiLeaks were already fixed. In a statement late Tuesday, it said its initial analysis showed that the latest version of the iOS system software for iPhones and iPads fixed many of those flaws. Apple said it will "continue work to rapidly address any identified vulnerabilities."
Google hasn't commented yet.
The WikiLeaks disclosures were an extraordinary coup for a group that has already rocked American diplomacy with the release of 250,000 State Department cables, embarrassed the U.S. military with hundreds of thousands of logs from Iraq and Afghanistan and upended the U.S. presidential election by publishing Democratic Party emails.
The new releases are all the more remarkable given that WikiLeaks' founder Assange is midway through his fifth year at the Ecuadorean Embassy. He received political asylum after skipping bail to avoid extradition to Sweden, where he is wanted on a rape allegation. Last year, a United Nations panel declared that the U.K. and Sweden were detaining him arbitrarily, but there's no suggestion that Swedish or British authorities will budge on their desire to detain and extradite him.
Meanwhile, the upcoming second round of Ecuador's presidential contest may mean Assange's welcome at the embassy is wearing thin. The front-runner in the race, Guillermo Lasso, has said he would evict Assange, an action Assange says could eventually lead to his extradition to the United States.
Information from the Associated Press and Tribune Washington Bureau (TSN) was used in this report.