After much hype, on March 7, 2017 WikiLeaks released Vault 7 Part 1: Year Zero. Over the coming months, there were about two dozen smaller Vault 7 releases and a single Vault 8 release. While there was never a “Part 2” to Vault 7, there was a “Part B.” Prepared as pre-release insurance package the day after provocative comments from CIA, the decryption keys for the “Media Ops” package was never publicly released.
On April 13 2017, then-CIA Director Pompeo gave a now somewhat infamous speech at CSIS where he compared WikiLeaks to “a hostile intelligence service” that “has encouraged its followers to find jobs at the CIA in order to obtain intelligence.”
And that’s one of the reasons we at CIA find the celebration of entities like WikiLeaks to be both perplexing and deeply troubling because while we do our best to quietly collect information on those who pose very real threats to our country, individuals such as Julian Assange and Edward Snowden seek to use that information to make a name for themselves. As long as they make a splash, they care nothing about the lives they put at risk or the damage they cause to national security.
WikiLeaks walks like a hostile intelligence service and talks like a hostile intelligence service and has encouraged its followers to find jobs at the CIA in order to obtain intelligence. It directed Chelsea Manning in her theft of specific secret information. And it overwhelmingly focuses on the United States while seeking support from anti-democratic countries and organizations. It’s time to call our WikiLeaks for what it really is, a non-state hostile intelligence service often abetted by state actors like Russia.
The following day, WikiLeaks created a zip file named 2017-04-14_WL_Vault7-PartB_Media-Opsthat contained 2,759 securely encrypted PDFs. The first 2,758 PDFs were labeled numerically, from 1.pdf – 2758.pdf, with the final PDF being labeled key-list.pdf. The files ranged from 1.9 kB to 371.2 MB, and totaled 4.3 GB of data.
Another day later, WikiLeaks had made a torrent for the zip file and uploaded it to a hidden folder on their file server. Anyone could load the directory by putting the address directly into their web browser, but it didn’t show up in the website’s otherwise browsable list of raw, downloadable files. After this, WikiLeaks waited almost another week to do anything publicly.
Finally on April 21, WikiLeaks announced the torrent as an “encrypted backup pre-release.” Asking readers to use a torrent program to download the data, which they described only as “CIA Vault 7 part B Media Ops,” WikiLeaks linked to the hidden torrent file that allowed users to download the encrypted data that had been distributed across the internet.
A few hours later, WikiLeaks tweeted about it again with the same description, link and plea.
(The same day, WikiLeaks released Weeping Angel – a single document from 2014 about hacking smart TVs.)
While every PDF file was encrypted, the zip was not. In theory, every PDF would have been encrypted with a different key. By decrypting key-list.pdf, it would be possible to decrypt all of the PDF files. WikiLeaks – or any keyholder – could either release the information en masse by releasing the password for key-list.pdf or selectively release documents by handing out those keys from the list to individuals or the public. The keys to individual documents could be passed out to groups or individuals, or slowly distributed by literal or metaphorical numbers stations. Similarly, the key for key-list.pdf could be posted online or given out to individuals – or printed in a book.
When WikiLeaks released the Vault 7’s Year Zero pre-release, the password was released a few days after when Assange’s computers suffered a system failure he blamed on CIA. WikiLeaks never released the password publicly, and doesn’t appear to have publicly acknowledged the pre-release again. Who, if anyone, received access to part or all of the key-list remains unknown. WikiLeaks continued releasing pieces of Vault 7 after the insurance file was posted, but neither the number of files nor the size of the data seem to match the files released later.
If WikiLeaks acted like it forgot Vault 7’s “Media Ops,” their supporters didn’t. Nearly a dozen posts on the r/WikiLeaks subreddit, many of them convinced it was about Operation Mockingbird, a largely debunked conspiracy theory that distorts CIA’s very real and pervasive influence of the media and public perception, as well as the method and scale on which the Agency’s actual propaganda operations have run – which is often simply, directly, and on the back of capitalism. (History, of course, is full of exceptions and CIA’s covert propaganda efforts are no exception.)
Note: The zip has been archived by Distributed Denial of Secrets, the torrent has been archived by the Wayback Machine.
