Wikileaks Reveals: CIA’s UMBRAGE Allows Agency To Carry Out ‘False Flag’ Cyber Attacks

A new release of CIA documents by Wikileaks indicates that the intelligence agency has the means and the intent to mask the cyber-attacks it commits by making them seem as if they originated from a foreign power.
By | Follow on Facebook | |
Be Sociable, Share!
    • Google+

    WASHINGTON, D.C. – Earlier today, Wikileaks once again made headlines following its release of the “largest ever publication of U.S. Central Intelligence Agency (CIA) documents.” The massive release – just the first batch in a trove of documents code-named “Vault 7” by Wikileaks – details the CIA’s global covert hacking program and its arsenal of weaponized exploits.

    While most coverage thus far has focused on the CIA’s ability to infiltrate and hack smartphones, smart TVs and several encrypted messaging applications, another crucial aspect of this latest leak has been skimmed over – one with potentially far-reaching geopolitical implications.

    According to a Wikileaks press release, the 8,761 newly published files came from the CIA’s Center for Cyber Intelligence (CCI) in Langley, Virginia. The release says that the UMBRAGE group, a subdivision of the center’s Remote Development Branch (RDB), has been collecting and maintaining a “substantial library of attack techniques ‘stolen’ from malware produced in other states, including the Russian Federation.”



    As Wikileaks notes, the UMBRAGE group and its related projects allow the CIA to misdirect the attribution of cyber attacks by “leaving behind the ‘fingerprints’ of the very groups that the attack techniques were stolen from.”

    In other words, the CIA’s sophisticated hacking tools all have a “signature” marking them as originating from the agency. In order to avoid arousing suspicion as to the true extent of its covert cyber operations, the CIA has employed UMBRAGE’s techniques in order to create signatures that allow multiple attacks to be attributed to various entities – instead of the real point of origin at the CIA – while also increasing its total number of attack types.

    Other parts of the release similarly focus on avoiding the attribution of cyberattacks or malware infestations to the CIA during forensic reviews of such attacks. In a document titled “Development Tradecraft DOs and DON’Ts,” hackers and code writers are warned “DO NOT leave data in a binary file that demonstrates CIA, U.S. [government] or its witting partner companies’ involvement in the creation or use of the binary/tool.” It then states that “attribution of binary/tool/etc. by an adversary can cause irreversible impacts to past, present and future U.S. [government] operations and equities.”

    While a major motivating factor in the CIA’s use of UMBRAGE is to cover its tracks, events over the past few months suggest that UMBRAGE may have been used for other, more nefarious purposes. After the outcome of the 2016 U.S. presidential election shocked many within the U.S. political establishment and corporate-owned media, the CIA emerged claiming that Russia mounted a “covert intelligence operation” to help Donald Trump edge out his rival Hillary Clinton.

    Prior to the election, Clinton’s campaign had also accused Russia of being behind the leak of John Podesta’s emails, as well as the emails of employees of the Democratic National Committee (DNC).

    Last December, Director of National Intelligence James Clapper – a man known for lying under oath about NSA surveillance – briefed senators in a closed-door meeting where he described findings on Russian government “hacks and other interference” in the election.

    Following the meeting, Rep. Adam Schiff (D-CA), a ranking member of the House Intelligence Committee, remarked: “After many briefings by our intelligence community, it is clear to me that the Russians hacked our democratic institutions and sought to interfere in our elections and sow discord.”

    Incidentally, the U.S. intelligence community’s assertions that Russia used cyber-attacks to interfere with the election overshadowed reports that the U.S. government had actually been responsible for several hacking attempts that targeted state election systems. For instance, the state of Georgia reported numerous hacking attempts on its election agencies’ networks, nearly all of which were traced back to the U.S. Department of Homeland Security.

    Now that the CIA has been shown to not only have the capability but also the express intention of replacing the “fingerprint” of cyber-attacks it conducts with those of another state actor, the CIA’s alleged evidence that Russia hacked the U.S. election – or anything else for that matter – is immediately suspect. There is no longer any way to determine if the CIA’s proof of Russian hacks on U.S. infrastructure is legitimate, as it could very well be a “false flag” attack.

    Given that accusations of Russian government cyber-attacks also coincide with a historic low in diplomatic relations between Russia and the U.S., the CIA’s long history of using covert means to justify hostile actions against foreign powers – typically in the name of national security – once again seems to be in play.

    Be Sociable, Share!

     

    Print This Story Print This Story
    You Might Also Like  
    ___________________________________________
    This entry was posted in Front Page: Inside Stories, Inside Stories, National, Top Stories, Top Story and tagged , , , , , , , . Bookmark the permalink.
    • Pingback: NYT, AP Retract Claim That 17 US Intel Agencies Agree Russia Hacked US Elections()

    • Pingback: Chomsky Says Republicans Most Dangerous Group In History()

    • Pingback: NSA To Expand Surveillance Of US, Foreign Elections Over “Russian Hacker” Fears - Alternative Report()

    • Pingback: NSA To Expand Surveillance Of U.S., Foreign Elections Over “Russian Hacker” Fears()

    • Hugo Spinoso

      i suppose the first thing to look for is how common the tool is, so its unlikely this kind of thing will be used, then how organized it had to be, to accomplish it, this wil show who might have done it, regardless of all the other tracks.

    • Pingback: The 4th Media » Wikileaks Reveals: CIA’s UMBRAGE Allows Agency to Carry out ‘False Flag’ Cyber Attacks()

    • Pingback: La CIA de Obama/Clinton: espionaje masivo y ataques cibernéticos de falsa bandera | El Mirador Global()

    • strav

      CIA hypocrisy states of america you suck the world hates you! The issue is not wikileaks leaking your dirty laundry! Its your dirty laundry that’s the issue! Spying on us from phones tablets tvs is a gross violation of privacy laws! Blaming other countries for your dirty espionage is a devils act! Your going down!

    • Pingback: Wikileaks: CIA “False Flag” Attack Likely Used To Plant Evidence For Trump Tower Wiretap()

    • Pingback: Real Game of Thrones: Donald der Disruptor und die permanente Regierung : Mathias Broeckers()

    • Ian Thomson

      Apparently to a lot of you Americans don’t see any relationship between what your CIA does, and your Homeland Security Agency and their hacking of everyones phones and computers etc. Odd that.

      • AliceFoster11

        <- Stay at home mom Kelly Richards from New York after resigning from her full time job managed to average from $6000-$8000 a month from freelancing at home… This is how she done itIts Not a Scam ….Just Check This. ⇛⇛⇛⇛⇛⇛http:://TrumpNewsSpecialJob/SpecialOffer………..

    • James Wherry

      “Could?”

    • Pingback: FBI Mobilizes To Find Source Of Wikileaks’ Vault 7()

    • Pingback: WikiLeaks' Vault 7: CIA Capable of Cyber 'False Flag' to Blame Russia | The Uncensored Report()

    • Pingback: Хакеры ЦРУ маскируются под русских | nepravda.in.ua()

    • Pingback: The Cyber War on YOU | Political Film Blog()

    • callmebc

      Duh, no. Hiding your tracks, including misdirection, when you hack is what *every* higher end hacker does and has been doing for a long while. Leaping from that to a false flag scenario is like leaping from Listerine having alcohol to suggesting it causes homelessness because many homeless people are alcoholics.

      • The article makes a good point in context. If one looks at the supposed “evidence” of Russian hacking elections – a 20 page, glossy document of nonsense endorsed by 18 US agencies of professional liars and obfuscators – https://www.documentcloud.org/documents/3254239-Russia-Hacking-report.html – it does not even offer any assertion that the Russian State hacking was directly involved in stealing document copies and transmitting them to Wikileaks. What it asserts is that DNC was infiiltrated at some point by malware which gathers info useful for making good e-mail phishing attacks, and that Podesta was lured by a phishing attack and compromised when he clicked on an email. The only link to Russian hacking was the assertion that the software used to gether the info had Russian signatures. The linked article from Wikileaks verifies that the CIA itself has made a habit of copying such signatures. You are correct to say that other 3rd parties may well do the same thing. The point here is that the CIA actually does do it and thinks its important and useful enough to spend effort on.

        • callmebc

          Sorry, but in *real* context, it’s basically complete gibberish. That report you linked to makes it very clear from the beginning that it’s only a declassified version of the much more sensitive, and presumably much longer and more in-depth version:
          —————-
          “Assessing Russian Activities and Intentions in Recent US Elections” is a declassified version of a highly classified assessment that has been provided to the President and to recipients approved by the President.

          “The Intelligence Community rarely can publicly reveal the full extent of its knowledge or the precise bases for its assessments, as the release of such information would reveal sensitive sources or methods and imperil the ability to collect critical foreign intelligence in the future.

          “Thus, while the conclusions in the report are all reflected in the classified assessment, the declassified report does not and cannot include the full supporting information, including specific intelligence and sources and methods.”
          —————

          You can’t make any accurate assumptions whatsoever about things you don’t know anything about know, and that’s what author did in the article, rendering it pretty much garbage.

          And third parties *do* exactly the same thing, always, and Russians themselves are very, very good at it: for some years, Akamai (which protects the websites of the likes of Microsoft and the NSA) use to prominently include a disclaimer in its annual security reports that went, “Note that the originating country as identified by the source IP address is not attribution—for example, a criminal in Russia may be launching attacks from compromised systems in China.”

          Let’s just say that wasn’t just some random example they made up. In the CIA’s case (and I’m really uncomfortable defending them given their bloody shenanigans in the 80’s and earlier), there is all the reason in the world for them to disguise their hacking activities against other countries, but not only are there zero reasons to make up evidence against the Russians, they would likely have gotten caught doing it: there are just too many parties involved in these things, however covert — just look at how just a small section of their tradecraft (spy tools) is are developed, bought and shared: https://wikileaks.org/ciav7p1/cms/page_13205587.html

          • I read the report carefully, and what YOU are saying is gibberish, buying into their deliberate lies and propaganda. They want you to believe that the REAL evidence is some classified knockout secret which they can’t tell you about. If you wish, you can choose to believe that it exists and has nothing to do with the unclassified document. Then why release an unclassfied document of meaningless nonsense claims???

            I believe that the unclassified documents gives hints about the classified version. For instance, they basically say that they spied on Putin and were able to determine that he preferred to see Trump win over HRC. I believe them about THAT and I am not bothered that they hide the secret classified method they used to spy on Putin. My point is that the allegation is pointless. So what if Putin preferred Trump over HRC? That is not interesting or evidence of the nonsense claim that he hacked the election. They describe the nature of the hacking allegation and evidence and both are empty. That is, they don’t have good secret evidence and even if they did, what they allege in specifics is not interesting. They do not try to claim that Wikileaks got its docs from Russian hacking.

            • callmebc

              Gawd, you right wingers and your constant and constantly disproved false flag conspiracy theories: you make The Boy Who Cried “Wolf!” seem like George Washington.

              It’s pretty apparent that you’re a Trump supporter, which means you’re an idiot, which in turn means you don’t understand anything remotely complicated. So you end up substituting delusional theories based on imagined evidence. I noticed you didn’t comment on my quote from an Akamai report — do you want to see the full document where I took that from? Here it is anyway:
              https://broadband.utah.gov/wp-content/uploads/2015/03/2014-q4-state-of-the-internet-report.pdf

              This represents how a real analysis of cybersecurity issues is done, which has absolutely nothing to do with the tech-illiterate nonsense that gets churned on right wing sites and then passed along to other nonsense-loving, tech-illiterate fools to further pass along.

              • Lots of heat, but no actual content from callmebc…

                I am neither a right winger nor a Trump supporter. I became a passionate CIA and FBI critic only after I was “woke” by being attacked for nother other than being a good citizen. Would you care to give one important example of a much discussed “false flag” that has been debunked. I can give 20 important ones that are real and for which there are piles of evidence supporting the view that false flag is likely and the official story is not.

                I opened your Akamai link, but it was not clear what, if any, relevance it had to the topic. Can you be precise about what claim you wish to support with that and where it is supported within the document?

                • callmebc

                  Gawd….just shoo.

                  • How much per hour does that new US Spook cyber-propaganda initiative pay anyway? Do you have reliable sources for that info?

                    • callmebc

                      In your case, they pay in unicorn dung by the ounce.

                      • I don’t have any use for unicorn dung, but I find that when I post at a new website (1st 1 or 2 entries), I frequently attract 1 buzzing fly, not saying anything specific, but making a lot of ad hominem allegations. And this person is typically up for many rounds of replies, without actually saying anything meaningul in any round. So I see that as a pattern/modus operandi, and infer that there are different people assigned to different websites, not comparing notes.

                      • callmebc

                        Maybe in your case, in unicorn dung by the milligram.

                      • LuisF

                        I don’t know why Josh lost his time trying to have a serious conversation with you. Taking into account your nonsense approach, not answering any question and only offending people, is evident to me you don’t deserve any response or explanation. Anyway, I cannot pass the opportunity to tell you are the one fecal stupid and with a negative IQ. Soon you will get out of work, because you don’t even have a positive in all your comments. The people that hire you cannot lose the misery they pay to you daily. Ah, by the way, poor children if you were capable to engender new life. If not, congratulations, because you understand your limits.

                      • callmebc

                        If you had bothered to look, I answered him seriously at the beginning, but he chose to ignore all that to go loopy doop, conspiracy nutcase crazy. I suffer fools very poorly and impatiently.

                • heraymo

                  9-11 was the biggest false flag attack.

                  • By some ways of measuring. Measured in some other ways, Vietnam is a good candidate.

                    • heraymo

                      yep Vietnam is confirmed a black flag event.

                      • I’m not familiar with a definition of “black flag event”. To be clear, I meant that a) Vietnam was huge, deadly, catastrophic event – bigger, long, more deadly than 9/11 by all measures, b) “Gulf of Tonkin” incident was a false story and known to be false at the time, c) US/CIA was involved in covert commando raids against the North for many years prior to Gulf of Tonkin, d) South Vietnam was US coup-installed corrupt govt., e) prior generation of leadership, Diem, was assassinated by US backed coup and had also been supported covertly by US, f) It was US that backed out of agreement to hold elections with the North, f) Viet-Cong was South Vietnamese political and military resistance to US occupation of that country – in Operation Phoenix, the CIA cruelly murdered tens of thousands of South Vietnamese civilians, in cold blood not in battle, on suspicion of supporting VC – pretending Mai Lai was some kind of isolated event was itself a lie, g) As early as 1958, Eisenhower authorized the use of nuclear weapons to help the French fight Ho Chi Minh h) There was no factual basis for the theory of “Dominoes” used to justify intense US involvement – it was just a bad theory, demonstrated as such by the ultimate outcome and its lack of geopolitical significance as a domino, i) Domestically, the FBI’s COINTELPRO was performing acts of domestic terrorism and other criminality against people simply for their protected political opposition to a stupid war, j) Nixon/CIA sabotaged the 1968 peace talks, k) Nixon/Kissinger expanded war to Cambodia in complete secrecy, l) US hid the mind-boggling tonnage of bombs that were dropped on Vietnam and Laos, m) US hid the toxicty and destructiveness of its Agent Orange defoliation operations

                        Overall, the US policy and activity and criminality were hidden from the public. It was essentially a false flag against a foreign group legitimately defending their home land against unprovoked US invasion for no good reason, just not liking their political ideology.

                      • raysusan49

                        WHOA! That my dear man was about as good as it gets for a grand rat-a-tat synopsis of what should have been the eternal awaking of the American ppl. Everything we ever needed to know about the cruelty of Empire built on lies and rivers of blood were right there for all to see. Now the Empire is crumbling and most haven’t a clue…..Thanks for the time and talent not to mention the correct historical content. I don’t see that very often…and that’s a shameful thing.

              • raysusan49

                OMG! Always that “Trump supporter” gauntlet…if or when someone doesn’t agree with you. Wake up oh yea of such unoriginality. The odds…if you were to just look the numbers…say you’d be wrong most of the time about someone being a Trump supporter. Then adding to that with the old “conspiracy theory” label just says you care more about …winning an issue…than it ever says about critical thinking.

                Since you’re the self proclaimed smarty pants here… then please explain to little ‘ol me IF ‘we’ are so far ahead in our hacking skills then why does it seem …we…are incapable of warding off all these hacks …we…have suffered by the obviously inferior other state actors? Guess it might mean we are just another half baked football team. Good with the offense but bad with the defense…maybe???

                Before you ponder answering that question…let’s all pause for a moment and bow our heads in remembrance of…the US Government and it’s agencies are allowed to propagandize the American citizen…or person…. whichever way you chose to be be addressed….

                • callmebc

                  If it embraces ignorance like a Trump supporter, is delusional like a Trump supporter, and rants like a Trump supporter, then it’s probably a Trump supporter.

                • heraymo

                  yeah you can’t say anything about anything. without out some nitwit calling you a trump supporter.i didnt even vote for either candidates
                  i actually voted green dems and repubs are all sold out.

                  • raysusan49

                    Good on you! I voted the same and agree with you 100%

      • Karanrewing

        Google is paying 97$ per hour! Work for few hours & have longer with friends and family! !dl511c:
        On tuesday I got a great new Land Rover Range Rover from having earned $8752 this last four weeks.. Its the most-financialy rewarding I’ve had.. It sounds unbelievable but you wont forgive yourself if you don’t check it
        !dl511c:
        ➽➽
        ➽➽;➽➽ http://GoogleFinancialCashJobs801ShopCommunityGetPaid$97/Hour ★★★✫★★★✫★★★✫★★★✫★★★✫★★★✫★★★✫★★★✫★★★✫★★★✫★★★✫★★★✫★★★✫::::::!dl511c:….,….