Malware Complaints > Blog > News > CIA implements bogus Updates to spy on other US agencies

CIA implements bogus Updates to spy on other US agencies

August 28, 2017 News

Vault 7

Vault 7 is a Wikileaks series of leaked documents related to the US Central Intelligence Agency that was started back in March, 2017. A recent in update of Vault 7 posted on the 24th of August states that a document has been leaked that suggest that CIA has been using project called ExpressLane in order to collect biometric data from other intelligence agencies, some of which are said to be the Federal Bureau of Investigation (FBI), the National Security Agency (NSA) and the Department of Homeland Security (DHS) without the agencies’ knowledge.

Voluntary data sharing among agencies

The Office of Technical Services (OTS) which is a CIA branch has a system for collecting and sharing biometric data between liaison agencies from around the globe. The idea is that biometric information would be shared there so that all the agencies have access to it. However, as suggested by the leaked document at Vault 7, the Central Intelligence Agency might also utilize an additional method of gaining biometric data from the other agencies. The reason for that is supposedly the fact that there could always be information that is being withheld and not shared. Therefore, the data sharing policy at OTS is likely to be considered inefficient enough by CIA.

ExpressLane

According to the leaked document, ExpressLane is CIA a tool for collecting biometric intelligence from the servers of the liaison agencies. The premise is that an update related to the Office of Technical Services system needs to be carried out on the servers – if such an update isn’t issued every six months, the system would cease to work. However, in reality the OST representative who is supposed visit the liaison agencies and install the update actually installs the ExpressLane tool on the machine. The installation, however, is made to look like an actual update so that no one at the agency who supervises the “update” would be suspicious of anything. What really is happening during the fake update is collection of biometric data from the server and also the period of six months is prolonged with another six that a CIA/OST representative could make another visit half an year later for another data collection. Another tool called ExitRamp is used in combination with ExpressLane which allows for the data to be extracted. In addition to OTS, another another department of CIA is also said to have used the biometric software – the Identity Intelligence Center (IIC).

According to Wikileaks’ post, the ExpressLane tool has been developed with the help of CrossMatch – a biometric vendor company also known for providing US law-enforcement and the Intelligence community with biometric software. Back in 2011, this is the company which was claimed to have developed the technology used in the operation for Osama bin Laden’s assasination in Pakistan.

 

Author:
Boris is a writer and an editor of the articles on Malware Complaints. His mission is to provide the readers of our website with essential information and details with regards to various malicious programs, software viruses, potentially unwanted applications and any other form of malware that you, the users, might encounter. In addition, he also posts reviews of different programs and applications as well as news articles on various interesting and important topics related to the software world.
Need Help?
We strive to help our users resolve any kind of malware issues. Our security research team would be happy in assisting you. Feel free to contact us in the comment section. Please specify in full details the issue you are having and what steps you have taken so far.
Subscribe to newsletter


    Related articles

    Leave a Reply

    Your email address will not be published. Required fields are marked *