WikiLeaks has stirred a great deal of frenzy recently, disclosing how the Central Intelligence Agency can hack into a wide range of devices including smartphones, TVs, and more.
The WikiLeaks dump detailed how the CIA successfully breached technology products such as Android smartphones, iPhones, Samsung TVs, Wi-Fi routers, and other devices. This means the CIA can hack into virtually any major category of electronics, but things are not all that grim.
The Importance Of Software Updates
Owning one or several such devices doesn't automatically mean that the CIA has a green light to spy on everything you do. In fact, it doesn't pose such risks for most people.
WikiLeaks leaked thousands of pages of documents detailing the CIA hacking practices, but they involve programs that breached outdated software versions for the devices in question. Many of those security vulnerabilities have already been patched in the meantime, so those running the latest software versions should have nothing to worry about.
At the same time, many devices may still be running outdated software and that involves a higher risk. While the CIA created those tools to surveil terrorist activity in order to protect national security, the tools could cast a wider net as well.
WikiLeaks said the thousands of pages of documents it leaked make up only a portion of a larger trove of CIA material, which indicates that the hacking was far more extensive. For those worried that the CIA or other such entities might be able to spy on their devices, here's how to protect your smartphone, router, internet-connected TV, and other connected devices.
How To Protect Your Android Device
Android fragmentation has always been an issue and right now, hundreds of millions of devices still run older versions of the mobile operating system. The WikiLeaks document trove showed that the CIA's hacking programs targeted Android devices running mostly Android 4.0, also known as Ice Cream Sandwich (ICS). This OS version dates back to 2011, yet 30 percent of Android users (roughly 420 million people) are still running a variant of Android 4.0, based on Google stats.
With this in mind, the best and simplest way to keep your Android device protected is to upgrade to a newer version of the OS. It's paramount to keep your device and apps up to date at all times, with the latest available Android security patch installed.
On the other hand, older devices such as the Samsung Galaxy S3 and others are not eligible for the latest versions of the Android OS. In such cases, it might be a good idea to get a newer Android device that can support a newer OS version.
Other than getting the latest OS versions, it's also highly advisable to secure your device with a PIN code and lock screen, as well as enabling the Verify Apps setting designed to keep third-party apps from infecting your device with malware.
How To Protect Your iOS Device
With Apple's mobile operating system, fragmentation is not as great as it is for Android. Typically iPhone owners are more up-to-date software-wise than their Android counterparts, which means that only a small fraction of iPhone owners run the older iOS versions mentioned in the WikiLeaks dump.
The documents in question detailed CIA hacking tools designed to breach older versions of Apple's mobile OS up to iOS 8.2. On the bright side, roughly 79 percent of Apple users already run the latest iOS 10, while just 5 percent run a software version older than iOS 9.
As in Android's case, it's advisable to either upgrade to the latest OS version or, if that's not possible, get a newer device that supports the latest OS version. The new iOS 10 is compatible with iPhone 5 and newer and iPad Air/iPad Mini 2 and newer. Older devices might pose some security risks.
What About Internet-Connected TVs?
The WikiLeaks documents also mentioned tools for hacking smart TVs part of the Samsung F8000 series, which have built-in microphones to support voice control. Software updates with necessary security enhancements are automatically downloaded and installed on these TVs, but it remains unclear at this point whether any of the vulnerabilities detailed in the WikiLeaks documents have actually been patched.
The files revealed a tool called "Weeping Angel" that placed the Samsung TVs in a fake off mode, making the owner believe the TV is off when in fact it secretly records conversations and sends them over to a CIA server computer.
Internet of Things (IoT) devices such as Smart TVs have long been raising security concerns mainly because many of the device manufacturers don't have enough expertise in information security. Since the Weeping Angel tool keeps controlling the TV even when it seems to be off, it's not clear for now just how users can protect their TVs. Samsung is expected to address this matter shortly.
How To Protect Your Wi-Fi Router
The documents from WikiLeaks also disclosed methods involving malware injected onto routers from various Asian manufacturers such as ZTE Huawei and Mercury. As a general rule of thumb, it's recommended for all router owners to regularly check for firmware updates and ensure they get the latest available security patches.
In many cases, getting the latest firmware update requires actually logging into the router, albeit newer routers such as Google Wifi come with companion mobile apps that allow users to automatically download the latest updates. For those concerned about their router's security, it might be a good idea to get a modern router with the possibility of automatic firmware updates.
How To Protect Your Computer
Lastly, WikiLeaks also disclosed CIA hacks on Windows, Apple, and Linux computers, but that's hardly a surprise considering that PCs have historically been far more vulnerable than other devices.
As with mobile devices, the best thing to do is ensure the latest OS updates are installed. At the same time, make sure that a good antivirus software protects your device and keep an eye out for any shady websites that might inject malware.