A cyber security expert at the University of Massachusetts believes hackers — and not the CIA — pose the greater threat to Americans in terms of collecting information gathered through smartphones and other internet-connected devices.
Concerns have been raised about the CIA’s activities following the website WikiLeaks’ release earlier this month of documents describing tools the federal agency allegedly used to access smartphones, computers and so-called “smart televisions.”
The release included more than 8,700 files and represented just the first part of the anti-secrecy organization’s document collection, WikiLeaks said. The entire CIA archive, called “Vault 7,” reportedly contains several hundred million lines of computer code.
Emery Berger has reviewed some of the documents and said people should be more concerned by hackers who can gain or have access to those tools than the government using the technology for domestic spying.
“I don’t think there’s a huge risk of individuals being targeted” by the CIA, Berger said. “The real risk is the technology.”
He noted that the CIA is prohibited from spying on American citizens, and said he believes the agency is not targeting Americans.
But, he said, there is a risk agents could pick up surveillance on Americans when it is intercepting conversations with foreign citizens.
For example, calls between the Russian ambassador to the United States and former National Security Adviser Michael T. Flynn calls were picked up as part of routine electronic surveillance of Russian officials and agents in the United States, which is one of the FBI’s responsibilities, according to the U.S. officials quoted in the Washington Post.
In Berger’s view, the bigger concern for the average citizen are hackers, who could exploit smart phones, smart televisions and Amazon’s voice-activated Echo technology.
“These devices are not as secure as they should be. They’re transmitting more data than they should be,” Berger said. He said he’s trusting that companies like Apple, Google and Amazon are not storing data transmitted online through this kind of a device.
“Everyone carries around in their pockets a microphone connected to the internet,” he said. “We have cameras connected to the internet.”
Many people also use computers and smart televisions equipped with webcams.
He said a colleague discovered it was possible for hackers to activate a laptop’s camera remotely — but to disable the light showing that it’s in operation, so the user would have no idea they were being watched. Some cyber security experts put tape over the cameras on their laptops to prevent that, he said.
He also said he’s turned off his iPhone’s voice-enabled technology, Siri, and that he doesn’t have an internet-connected smart television.
Consumers, he said, face “a trade-off (between) convenience and the potential significant loss of privacy” — and people need to be aware that any device connected to the internet could be hacked.