Source code for CIA’s tool to track whistleblowers
On the 28th of April, Wikileaks released details for Scribbles, also known as “Snowden Stopper”. It is alleged to be the whistleblower tracking tool that was devised by the CIA. It could embed the web beacon tags to the confidential documents, thus allowing the government agency to look into foreign spies as well as whistleblowers.
What is a web beacon? It is a transparent graphical image which can be implanted onto emails and web pages. You will receive details on whether the file was opened or not. This bug that the CIA had implanted could also reveal the IP address used to unveil the document.
With this tool, CIA could look into the analytics for the document which was opened, and even surveil the contents. Basically, the CIA carries a lot of confidential and secure documents that are likely to be misused by the spies and other countries or, even the journalists. That’s precisely why they need to keep them secure and in a safe place. The documents that can be copied are likely to carry this bug.
Wikileaks revealed the source code as well as the user guide for Scribbles. This is part of the Vault 7 Dark Matter Dump that Wikileaks has been working on since March. Scribbles works exclusively with Microsoft Office documents, and has been tested successfully with the Microsoft Office 2013, and lower versions of MS Office. This tool can even create identical or unique copies for these files. If you tend to open the target document in other than Word applications such as OpenOffice or LibreOffice, you will see the water mark, and the URLs are highly visible in this case.
It is important therefore that when you are coding a document for Scribbles, you make sure the host name and the URL are consistent with the content, if you are sure that the target user is likely to open the contents in another application which is not MS word. Make sure you test the documents for these applications as well, and check that the contents are secure.
While Wikileaks has enjoyed a great relationship with the US government, these leaks are sure to have taken the relationship to a different level. If you are preparing a document to be secure and confidential, make sure you know how to keep it marked. Copyrighting the document is very important for your organization.