Did the CIA hack your phone?

AP Photo/Mark Lennihan, File

AP Photo/Mark Lennihan, File

Published Mar 25, 2017

Share

Washington - WikiLeaks claimed Thursday that the CIA had found a way

to intercept and hack into Apple iPhones just a year after the company's

smartphone hit the market. The group also claimed that the CIA was able to

infect Mac computers. But it's very unlikely that your iPhone or Mac was

affected, experts say.

Apple said that its preliminary assessment of the

WikiLeaks documents show that the "alleged iPhone vulnerability affected

iPhone 3G only and was fixed in 2009 when iPhone 3GS was released." The

company also said that the alleged Mac exploits described by WikiLeaks were

fixed in all Macs launched after 2013.

The CIA referred The Post to an earlier statement that

declined to comment on the accuracy of the WikiLeaks information, but denounced

disclosures "designed to damage the Intelligence Community's ability to

protect America against terrorists and other adversaries."

The documents offer a rare glimpse into the world of

modern espionage, said Jeff Pollard, a security and risk analyst at Forrester

Research. For Apple and other companies, he said, it also shows that it's very

difficult to secure their products all the way from their factories to their

customers.

"The most concerning part of this is that it

highlights that it doesn't matter how secure you keep a device," he said.

"You have to understand that there could also be something that gets

delivered to you in a device that you purchased."

Read also:  Who wants multiple iPhone personalities?

According to WikiLeaks, the documents allege that, as far

back as 2008, the CIA was able to install software on iPhones before they were

shipped to their intended owners. There's no evidence of tampering done at

Apple's factories, experts said. The documents also purportedly show that the

CIA found a way to install software on Macs that could not be removed, even if

a user were to reinstall their operating system. There is a specific mention of

the CIA trying to intercept a laptop that it knew was being given to someone as

a gift to plant its malware. Both methods require physical access to the

devices.

There is no evidence in the documents that the CIA used

these methods on a broad scale.

Experts who examined the documents said there is little

chance that the average consumer - particularly in the United States, given the

CIA's foreign focus - would have been affected by these attacks, said Will

Strafach, a noted iPhone security expert and co-founder of Verify.ly, a mobile

app intelligence service. It's also unlikely that anyone could look at these

documents now and design a similar hack, he said.

"It's too old. And even if it wasn't too old, it

requires you to get to a device that is en route to somebody specific," he

said.

The release of these documents follow a similar

disclosure from WikiLeaks earlier this month, which allegedly outlined a suite

of hacking tools used by the CIA that target smartphones, cars and televisions.

The group has said that it will work with technology companies to help patch

flaws exploited by the CIA's hacking tools, but offered few details on how such

a partnership would work, Reuters reported.

Apple said that it has not "negotiated with

WikiLeaks for any information" and has instructed the organization to

submit information though its normal processes. "Thus far, we have not

received any information from them that isn't in the public domain," the

company's statement said. "We are tireless defenders of our users'

security and privacy, but we do not condone theft or coordinate with those that

threaten to harm our users."

WASHINGTON POST

Related Topics: