Occasionally, I’ll post something exactly from Softwar.net, because it’s critical information, and everyone should wake up about encryption.
A MESSAGE FROM OUR FOUNDER AND CEO –
The Wikileaks disclosure of CIA espionage software is supposed to be about Big Brother. They are defensive in nature designed to monitor and tap into our computers and communications. However, these programs have more than just a passive surveillance function. They also can kill.
Quietly embedded in the latest Wikileaks disclosure of CIA exploits is a cute little program called NightSkies. NightSkies is one in a series of Apple malware programs under a project called Triton. These programs are designed to monitor and “beacon” back information stolen from infected Apple computers. NightSkies has one nice little feature in its arsenal of functions… it can also execute any other program downloaded secretly from a remote CIA “Listening Post”.
At first, this feature seems logical and more or less harmless. It is not. It is this feature that murder by software is enabled.
If the infected computer is used in an industrial, internet of things, military or medical application it can be turned into an assassination machine. While Apple computers are not often used in the military, industrial or Internet of Things fields, they are frequently found inside hospitals and they communicate with other critical systems as well – all of which can be the difference between life and death for a patient.
Clearly, the NightSkies design is not the only such program in the CIA arsenal. Similar features will be found embedded within other CIA exploit programs designed for the other major operating systems such as Android, Windows and Linux.
For example, a computer monitoring the condition of a patient can be told to ignore signs of a heart attack and not alert the staff. Other medical computers control more than just monitoring a patient, for example computers often control blood filtering for kidney dialysis. In fact the medical industry is filled with computers that perform a wide variety of life critical functions, diagnosis of brain tissues, X-ray controls, chemotherapy control, and delivery of intravenous medicines.
It is this remote code execution feature and payload delivery of the CIA NightSkies design that is of greatest concern. It could range from a subtle change in the dosage of medicine that becomes lethal, deliver a series of lethal X-Ray or radiation therapy treatments, or perform miss-diagnosis of a condition so that medical staff delivers lethal treatment. The computers involved could show the operators that they are performing flawlessly while at the same time dosing a patient with a massive amount of radiation.
NightSkies design also combines itself with embedded clock timers, to install itself and execute at a specific data/time and then de-install and delete itself at another pre-designated time. Thus, making it possible for the program to execute its prime function, kill and then delete itself, leaving no evidence behind. In addition, the NightSkies design exploits are built to be ignored and accepted by Anti-Virus programs; therefore they are almost invisible to current defenses. Finally, the NightSkies design programs communicate with their host Listening Post (LP) using encrypted communications so when they do “beacon” the data transmission is undecipherable. All these features combine to make NightSkies designs the perfect assassination tool.
The myriad of devices that we rely on for critical life functions that use any of the major operating systems are vulnerable to this kind of attack. These operating systems function aboard airliners, automobiles, in water plants, sewage facilities, oil pipelines, traffic control, police, fire, and rescue and are even present inside the controls for nuclear weapon systems. For example, the British force of nuclear tipped Trident submarines run a variant of Windows XP.
It is now clear exactly how dangerous the CIA exploits are. They are not simple defensive surveillance tools if they can download other programs unseen and then execute them. They become offensive weapons designed to kill.
CHARLES R. SMITH
CEO FOUNDER OF