The WikiLeaks selective dump of internal files from the CIA’s espionage software development organization was accompanied by a press release from Julian Assange that went full-throttle on the dire nature of the CIA’s hacking tools. While the documents themselves provide context that contradicts some of Assange’s hype, there is certainly a major cause for concern that comes along with the press release: Assange claims that the CIA’s tools are being shared “out of control” and may already be in use for nefarious purposes.
In a video statement on Periscope today, Assange asserted that the CIA “lost control of its entire cyber-weapons arsenal. Now, this is a historic act of devastating incompetence to have created such an arsenal and stored it all in one place and not secured it.” Assange repeated the claim that WikiLeaks had stumbled upon the archive “as the result of it being passed around a number of different members of the US intelligence community out of control in unauthorized fashion.”
When Assange released the first wave of documents, from what is apparently a recent archive from an internal CIA developer collaboration server, he did a number of things that WikiLeaks hasn’t done in the past. Perhaps in response to some of the criticism leveled against WikiLeaks from others—including NSA whistleblower Edward Snowden—Assange and WikiLeaks largely redacted personal details of CIA employees from the dump. The group also held back the archives of the tools themselves (publishing instead text files with a list of the archives’ contents). Assange has taken the position that this leak is primarily about protecting computer users around the world from the use of the tools that are part of the leak. He also insinuated WikiLeaks had evidence that the CIA spied on US citizens—or at least had implants on systems with US IP addresses.