Documents released by WikiLeaks allege that the security of home, office and public routers from 10 manufacturers have for years been compromised by the Central Intelligence Agency so as to monitor incoming and outgoing traffic on internal networks and infect connected devices.
The primary job of any router is to move data packets between networks, such as between a home network and the Internet. Experts have long complained that many routers suffer from various security flaws.
According to ZDNet, which reviewed but could not authenticate the WikiLeaks documents, the CIA had successfully created software “implants” capable of gaining control in “roughly 25 different devices” from 10 manufacturers, including those of Asus, Belkin, D-Link, Linksys and Netgear.
In particular, the 175-page CherryBlossom user guide describes a Linux-based operating system that can be installed on a router, converting it into a “FlyTrap” that sends device status and security information to a CIA-controlled server called a “CherryTree.” The CIA server stores that information in a database and sends back to the infected device a “Mission” of tasks the router is to perform, particularized to the target. The router can thus be likened to an electronic secret agent, a “mole” in a home or business.
The CIA even allegedly has a “CherryWeb” browser that can be used to view the status and security information provided by FlyTraps, program new clandestine Missions for the home routers, and even perform system administration tasks.
The Missions of the hacked routers can target users based on Internet Protocol (IP) addresses, e-mail addresses, Media Access Control (MAC) addresses used in Wi-Fi and Ethernet Local Area Networks (LANs), chat user names, and Voice-over-IP (VoIP) numbers. The secret activity of a Mission can include copying some or all of the data traffic — including contact information such as email addresses, chat user names, and VoIP numbers.
Additionally, the CIA software can allegedly set up a Virtual Private Network (VPN) connection to the router that enables remote access to the Local Area Network (LAN) of the home or office served by the router. Conventional VPNs are used by many businesses to enable “telecommuting” by their employees, giving them company network access from afar.
Moreover, all network connections under the control of the CIA’s secret software can be allegedly be “proxied,” which means an intermediary can be inserted in the network, thus giving computers and their users on a network the impression that they are communicating with a particular computer or network when it is in fact they are communicating with a different one.
WikiLeaks published many documents in March allegedly revealing the existence of CIA hacking tactics and various tools to hack into personal phones, smart TVs, computers and routers.
These most recent WikiLeaks documents suggest that the CIA's alleged hacking techniques would be practically impossible for the average network owner to detect.
Richard Grigonis is an internationally known technology editor and writer. He was executive editor of Technology Management Corporation’s IP Communications Group of magazines from 2006 to 2009. The author of five books on computers and telecom, including the highly influential "Computer Telephony Encyclopedia" (2000), he was founding editor-in-chief of Jeff Pulver’s Voice on the Net (VON) magazine from 2003 to 2006, and the chief technical editor of Harry Newton’s Computer Telephony magazine from its first year of operation in 1994 until 2003. Read more reports from Richard Grigonis — Click Here Now.
© 2021 Newsmax. All rights reserved.