CIA Vault 7 Newest Leaks

Today WikiLeaks released the newest Vault 7 release of information regarding the United States’ Central Intelligence Agency. The CIA’s Office of Technical Service (OTS) is the group responsible for supplying CIA operatives with tech gadgets, spy items like secret recording devices, disguises and other sneaky stuff to do their jobs. Today’s release is called Express Lane and it’s a doozy. It has been used against fellow intelligence agencies such as the FBI, DHS and even the notorious NSA.

Express Lane is designed to help steal biometric and other information. It has two components. First, it creates a hidden, encrypted partition on the system on which it is installed. It identifies certain information gathered or stored on that machine, copies it, encrypts it and hides it on this partition. Take a look at this image to the right. Very simple, yet very sneaky!

Secondly, it has a piece called Exit Ramp (see image to the left) so that an agent of the previously mentioned OTS can insert a USB drive and capture the contents of that encrypted partition to take with them. Remember, these are supposed to be partners of the CIA and they would normally share information, but the CIA believes these other agencies don’t share everything, so they devised this method to get the rest. Since many of these machines are air-gapped or otherwise protected, it takes a physical visit to the machine to collect the data it has stolen.

This software was originally built by a security company called Cross Match. One of their products was even used to help identify Osama Bin Laden during his time in Pakistan. What is scary about this is that Cross Match offers products and services to the information technology community of governments around the world, as well as to privately and publicly owned businesses. They offer solutions in the biometric security space, but now that their involvement has been leaked, I do not know how any company could trust to buy a solution from them and not always wonder if a hidden CIA backdoor is built in and being used against you. It will be interesting to see how their business is affected.

