The CIA developed an anti-forensic framework to cover its tracks that could make it seem like cyberattacks came from other countries, including Russia.
The 2016 US Presidential election was marred by allegations that the Russians were responsible for hacking the election in favor of now President Trump.
WikiLeaks’ release of Vault 7 “Marble” on Friday revealed that the CIA developed tools to cover its hacking tracks by implementing a secret anti-forensic malware named Marble that was capable of faking cyberattacks from other countries.
That means that the CIA has the capability of attacking systems from what appears to be Russia, China, North Korea, Arabic-speaking countries, and Iran, but in reality the attacks would be coming directly from the CIA or whomever has access to its tools.
Unlike previous dumps by WikiLeaks that revealed CIA spy programs that were from several years ago, Marble was in full use in 2016 and reached version 1.o in 2015.
With the world still blaming Russia for hacking the US election, WikiLeaks has exposed how the CIA had all the capabilities of not only hacking the election, but also blaming the hacks on the Russians.
The source code for Marble shows that test examples were written in a variety of languages that “would permit a forensic attribution double game.”
The plot behind Marble was so intricate that the CIA could, for example, pretend that “the spoken language of the malware creator was not American English, but Chinese,” but then show “attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion.”
The same could be said about apparent cyberattacks that seemingly came from Russia. It all could be faked.
It is beyond the scope of this article to attribute why the CIA would want to hack the election, and there is no proof that the CIA was involved.
What is clear is that the CIA does have the ability to cover its tracks in its hacking schemes by making it seem like cyberattacks come from other countries.
A Marble is a specific algorithm that scrambles and unscrambles data, and the Marble Framework was designed to allow for flexible and easy-to-use obfuscation (making something obscure) when developing tools.
The Marble Framework covered over the English language text on US-produced weapons systems before giving them to insurgents secretly backed by the CIA, according to WikiLeaks.
A broader perspective
With the latest chemical attack in Syria on Tuesday, the mainstream media is already blaming President Bashar al Assad, who is allied with Vladimir Putin in Russia.
The chemical attack would cross a “red line” so infamously put by former US President Barack Obama, that the US would have to intervene.
However, the US and its allies have been backing rebels in Syria that they cannot control, and these armed groups are also committing atrocities.
There is an agenda to demonize Russia, for good or ill, and since the CIA can cover its tracks so well, who is to say that Tuesday’s apparent chemical attack in Syria actually came from Assad and not from the US-backed rebels?
The CIA has covertly overthrown dozens of democratically-elected heads of state throughout the world, only to replace them with puppets who work for the benefit of US interests.
We see the same scenario being played out in Syria, and a proposed $10 billion pipeline to run through Syria only gives rise to the notion that this war is anything but civil, but rather a coup to seize the country, oust its leader, install a NATO-friendly head of state, and usher in a new central bank.
EcoWatch reported that the “war against Bashar Assad did not begin with the peaceful civil protests of the Arab Spring in 2011. Instead it began in 2000 when Qatar proposed to construct a $10 billion, 1,500km pipeline through Saudi Arabia, Jordan, Syria and Turkey.”
Look what happened to Afghanistan, Libya, and Iraq in the past 16 years, and you will see what happens when the US attacks oil-rich countries that aren’t members of the IMF or World Bank.
The war in Syria has all the tell-tale signs of CIA intervention, and the latest dump by WikiLeaks confirms how well the CIA can cover its tracks.
Coming up with concrete proof, rather than escalating and speculative evidence, is difficult to come by, but if history is any indication of where we are heading, there will only be more suffering to come for the people of Syria.
Editor’s Note July 7, 2021: The original headline of this article from 2017 stated that the CIA “used” Marble to cover its tracks, but I’ve changed it to say “developed,” since no specific CIA use cases were listed in the original piece, which has always accurately stated, “the CIA does have the ability to cover its tracks.”