Good evening London.
What a sight for sore eyes. People ask what gives me hope. Well, the answer is right here.
Six months ago – 185 days ago – I entered this building.
It has become my home, my office and my refuge.
Thanks to the principled stance of the Ecuadorian government and the support of its people, I am safe in this embassy to speak to you.
And every single day outside, for 185 days, people like you have watched over this embassy – come rain, hail and shine.
Every single day. I came here in summer. It is winter now.
I have been sustained by your solidarity and I’m grateful for the efforts of people all around the world supporting the work of WikiLeaks, supporting freedom of speech, freedom of the press, essential elements in any democracy.
While my freedom is limited, at least I am still able to communicate this Christmas, unlike the 232 journalists who are in jail tonight.
Unlike Gottfrid Svartholm in Sweden tonight.
Unlike Jeremy Hammond in New York tonight.
Unlike Nabeel Rajab in Bahrain tonight.
And unlike Bradley Manning, who turned 25 this week, a young man who has maintained his dignity after spending more than 10 per cent of his life in jail, without trial, some of that time in a cage, naked and without his glasses.
And unlike so many others whose plights are linked to my own.
I salute these brave men and women. And I salute journalists and publications that have covered what continues to happen to these people, and to journalists who continue publishing the truth in face of persecution, prosecution and threat – who take journalism and publishing seriously.
Because it is from the revelation of truth that all else follows.
Our buildings can only be as tall as their bricks are strong.
Our civilization is only as strong as its ideas are true.
When our buildings are erected by the corrupt, when their cement is cut with dirt, when pristine steel is replaced by scrap – our buildings are not safe to live in.
And when our media is corrupt, when our academics are timid, when our history is filled with half- truths and lies – our civilization will never be just. It will never reach to the sky.
Our societies are intellectual shanty towns. Our beliefs about the world and each other have been created by the same system that has lied us into repeated wars that have killed millions.
You can’t build a skyscraper out of plasticine. And you can’t build a just civilization out of ignorance and lies.
We have to educate each other. We have to celebrate those who reveal the truth and denounce those who poison our ability to comprehend the world that we live in.
The quality of our discourse is the limit of our civilization.
But this generation has come to its feet and is revolutionizing the way we see the world.
For the first time in history the people who are affected by history are its creators.
And for other journalists and publications – your work speaks for itself, and so do your war crimes.
I salute those who recognize the freedom of the press and the public’s right to know – recognized in the Universal Declaration of Human Rights, recognized in the First Amendment of the United States – we must recognize that these are in danger and need protection like never before.
WikiLeaks is under a continuing Department of Justice investigation, and this fact has been recognized rightly by Ecuador and the governments of Latin America as one that materially endangers my life and my work.
Asylum is not granted on a whim, but granted on facts.
The U.S. investigation is referred to in testimony – under oath – in the U.S. courts, is admitted by the Department of Justice, and in the Washington Post just four days ago by the District Attorney of Virginia, as a fact. Its subpoenas are being litigated by our people in the U.S. courts. The Pentagon reissued its threats against me in September and claimed the very existence of WikiLeaks is an ongoing crime.
My work will not be cowed. But while this immoral investigation continues, and while the Australian government will not defend the journalism and publishing of WikiLeaks, I must remain here.
However, the door is open – and the door has always been open – for anyone who wishes to speak to me. Like you, I have not been charged with a crime. If you ever see spin that suggests otherwise, note this corruption of journalism and then go to justice4assange.com for the full facts. Tell the world the truth, and tell the world who lied to you.
Despite the limitations, despite the extra-judicial banking blockade, which circles WikiLeaks like the Cuban embargo, despite an unprecedented criminal investigation and a campaign to damage and destroy my organization, 2012 has been a huge year.
We have released nearly one million documents:
Documents relating to the unfolding war in Syria.
We have exposed the mass surveillance state in hundreds of documents from private intelligence companies.
We have released information about the treatment of detainees at Guantanamo Bay and elsewhere – the symbol of the corruption of the rule of law in the West, and beyond.
We’ve won against the immoral blockade in the courts and in the European Parliament.
After a two-year fight, contributions to WikiLeaks have gone from being blockaded and tax-deductible nowhere to being tax-deductible across the entirety of the European Union and the United States.
And last week information revealed by WikiLeaks was vital – and cited in the judgment – in determining what really happened to El-Masri, an innocent European kidnapped and tortured by the CIA.
Next year will be equally busy. WikiLeaks has already over a million documents being prepared to be released, documents that affect every country in the world. Every country in this world.
And in Australia an unelected Senator will be replaced by one that is elected.
In 2013, we continue to stand up to bullies. The Ecuadorian government and the governments of Latin America have shown how co-operating through shared values can embolden governments to stand up to coercion and support self-determination. Their governments threaten no one, attack no one, send drones at no one. But together they stand strong and independent.
The tired calls of Washington powerbrokers for economic sanctions against Ecuador, simply for defending my rights, are misguided and wrong. President Correa rightly said, “Ecuador’s principles are not for sale.” We must unite together to defend the courageous people of Ecuador, to defend them against intervention in their economy and interference in their elections next year.
The power of people speaking up and resisting together terrifies corrupt and undemocratic power. So much so that ordinary people here in the West are now the enemy of governments, an enemy to be watched, an enemy to be controlled and to be impoverished.
True democracy is not the White House. True democracy is not Canberra. True democracy is the resistance of people, armed with the truth, against lies, from Tahrir to right here in London. Every day, ordinary people teach us that democracy is free speech and dissent.
For once we, the people, stop speaking out and stop dissenting, once we are distracted or pacified, once we turn away from each other, we are no longer free. For true democracy is the sum – is the sum – of our resistance.
If you don’t speak up – if you give up what is uniquely yours as a human being: if you surrender your consciousness, your independence, your sense of what is right and what is wrong, in other words – perhaps without knowing it, you become passive and controlled, unable to defend yourselves and those you love.
People often ask, “What can I do?”
The answer is not so difficult.
Learn how the world works. Challenge the statements and intentions of those who seek to control us behind a facade of democracy and monarchy.
Unite in common purpose and common principle to design, build, document, finance and defend.
Learn. Challenge. Act.
Now.
(Not checked to delivery – published at 19:00 GMT)
Six months ago – 185 days ago – I entered this building.
It has become my home, my office and my refuge.
Thanks to the principled stance of the Ecuadorian government and the support of its people I am safe in this Embassy and safe to speak from this Embassy.
And every single day outside, people like you have watched over this embassy – rain hail and shine.
Every single day. I came here in summer. It’s winter now.
I have been sustained by this solidarity and I’m grateful for the efforts of people all around the world supporting the work of Wikileaks, supporting freedom of speech and freedom of the press, essential elements in any democracy.
While my freedom is limited, I am still able to communicate this Christmas, unlike the 232 journalists who are in jail tonight.
unlike Godfried Svartholm in Sweden tonight
unlike Jeremy Hammond in New York tonight
unlike Nabeel Rajab in Bahrain tonight
unlike Bradley Manning who turned 25 this week, a young man who has maintained his dignity after spending more than 10% of this life in jail, some of that time in a cage, naked and without his glasses.
and unlike the so many others whose plights are linked to my own.
I salute these brave men and women. And I salute those journalists and publications that have covered what has and continues to happen to these people, and to journalists and publications that continue publishing the truth in the face of persecution, prosecution and threat – who take journalism and publishing seriously.
Because it is from the revelation of the truth that all else follows.
Our buildings can only be as tall as their bricks are strong.
And our civilization is only as strong as its ideas are true.
When our buildings are erected by the corrupt. When their cement is cut with dirt. When pristine steel is replaced by scrap–our buildings are not safe to live in.
And when our media is corrupt. When our academics are timid. When our history is filled with half truths and lies. Our civilization will never be just. It will never reach the sky.
Our societies are intellectual shanty towns. Our beliefs about the world and each other have been created by same system that has lied us into repeated wars that have killed millions.
You can’t build a sky scraper out of plasticine. And you can’t build a just civilization out of ignorance and lies.
We have to educate each other. We have to celebrate those who reveal the truth and denounce those who poison our ability to comprehend the world we live in.
The quality of our discourse is the limit of our civilization.
This generation has come to its feet and is revolutionizing the way we see the world.
For the first time in history the people affected by history are its creators.
As for other journalists and publications – your work speaks for itself, and so do your war crimes.
I salute those who recognize that freedom of the press and the publics right to know– recognized in the Universal Declaration of Human Rights and in the 1st Amendment in the US – is in danger and needs protection like never before.
Wikileaks is under a continuing criminal investigation and this fact has been recognized by Ecuador and the governments of Latin America as one that materially endangers my life and work.
Asylum is not granted on a whim but on facts.
The US investigation is referred to in testimony under oath in US courts, is admitted by Department of Justice and by the District Attorney of Virginia as a fact. It’s subpoenas are being litigated in the courts. The Pentagon reissued its threats against me in September and claimed the very existence of Wikileaks is an ongoing crime.
My work will not be cowed. But while this immoral investigation continues, and while the Australian government will not defend the journalism and publishing of Wikileaks, I must remain here.
However, the door is open – and the door has always been open – for anyone who wishes to speak to me. Like you I have not been charged with a crime. If ever see spin that suggests otherwise, note this corruption of journalism. Then goto justice4assange.com for the full facts. Tell the world the truth.
Despite the limitations, despite the extra judicial banking blockade, which circles WikiLeaks like the Cuban embargo, despite an unprecedented criminal investigation and campaign to damage and destroy Wikileaks, 2012 has been a huge year.
We have released nearly a million documents. made significant releases – relating to events unfolding in Syria.
We have exposed the mass surveillance state and hundreds of thousands of documents from private intelligence companies.
We have released information about the treatment of detainees at Guantanamo bay and elsewhere.
We’ve won against the blockade in the courts and the European Parliament.
And after a two year fight contributions to WikiLeaks have gone from being tax deductible no where to being tax deductible across the entirety of the European Union and the United States.
And last week information revealed by Wikileaks was vital in determining what really happened to El Masri, an innocent European kidnapped and tortured by the CIA.
Next year will be equally busy. Wikileaks already has well over a million documents to release. Documents that affect every country in the world. Every country in this world.
And in Australia an unelected Senator will be replaced by one that is elected.
In 2013 we continue to stand up to bullies. The Ecuadorian government and the governments of Latin America have shown how cooperating through shared values can embolden governments to stand up to bullies and support self determination. Their governments threaten no one: attack no one: send drones at no one. But together they stand strong and independent.
The tired calls by Washington power brokers for economic sanctions against Ecuador, simply for defending my rights, are misguided and wrong. President Correa rightly said, “Ecuador’s principles are not for sale.”. We must unite to defend the courageous people of Ecuador against interference in its economy and interference in its elections next year.
The power of people speaking up and resisting together terrifies corrupt undemocratic power. So much so that ordinary people in the West are now the enemy of governments, an enemy to be watched, controlled and impoverished.
True democracy is not the White house. It is not Canberra. True democracy is the resistance of people armed with the truth, against lies, from Tahrir to London. Every day, ordinary people teach us that democracy is free speech and dissent.
For once we, the people, stop speaking out, and stop dissenting, once we are distracted or pacified, once we turn away from each other, we are no longer free. For true democracy is the sum of our resistance.
If you don’t speak up, if you give up what is uniquely yours as a human being, you surrender your consciousness; your independence, even your sense of what is right and wrong. In other words, perhaps without knowing it, you become passive and controlled, unable to defend yourself and those you love.
People often ask, “What can I do?” the answer is not so difficult.
Learn how the world works. Challenge the statements, actions and intentions of those who seek to control us behind the facades of democracy and monarchy.
Unite in common purpose and common principle to design, build, document, finance and defend.
Learn, challenge, act.
Now.
Statement by Julian Assange on Verdict in Bradley Manning Court-Martial
- [es] Comunicado de Wikileaks sobre el veredicto emitido contra Bradley Manning en la Corte Marcial
- [en] Statement by Julian Assange on Verdict in Bradley Manning Court-Martial
Today Bradley Manning, a whistleblower, was convicted by a military court at Fort Meade of 20 offences for supplying the press with information, including six counts of ‘espionage’. He now faces a maximum sentence of 136 years.
The ‘aiding the enemy’ charge has fallen away. It was only included, it seems, to make calling journalism ‘espionage’ seem reasonable. It is not.
Bradley Manning’s alleged disclosures have exposed war crimes, sparked revolutions, and induced democratic reform. He is the quintessential whistleblower.
This is the first ever espionage conviction against a whistleblower. It is a dangerous precedent and an example of national security extremism. It is a short sighted judgment that can not be tolerated and must be reversed. It can never be that conveying true information to the public is ‘espionage’.
President Obama has initiated more espionage proceedings against whistleblowers and publishers than all previous presidents combined.
In 2008 presidential candidate Barack Obama ran on a platform that praised whistleblowing as an act of courage and patriotism. That platform has been comprehensively betrayed. His campaign document described whistleblowers as watchdogs when government abuses its authority. It was removed from the internet last week.
Throughout the proceedings there has been a conspicuous absence: the absence of any victim. The prosecution did not present evidence that – or even claim that – a single person came to harm as a result of Bradley Manning’s disclosures. The government never claimed Mr. Manning was working for a foreign power.
The only ‘victim’ was the US government’s wounded pride, but the abuse of this fine young man was never the way to restore it. Rather, the abuse of Bradley Manning has left the world with a sense of disgust at how low the Obama administration has fallen. It is not a sign of strength, but of weakness.
The judge has allowed the prosecution to substantially alter the charges after both the defense and the prosecution had rested their cases, permitted the prosecution 141 witnesses and extensive secret testimony. The government kept Bradley Manning in a cage, stripped him naked and isolated him in order to crack him, an act formally condemned by the United Nations Special Rapporteur for torture. This was never a fair trial.
The Obama administration has been chipping away democratic freedoms in the United States. With today’s verdict, Obama has hacked off much more. The administration is intent on deterring and silencing whistleblowers, intent on weakening freedom of the press.
The US first amendment states that “Congress shall make no law… abridging the freedom of speech, or of the press”. What part of ‘no’ does Barack Obama fail to comprehend?
Statement by Julian Assange after One Year in Ecuadorian Embassy
- [en] Statement by Julian Assange after One Year in Ecuadorian Embassy
- [es] Declaración de Julian Assange luego de un año en la Embajada del Ecuador
It has now been a year since I entered this embassy and sought refuge from persecution.
As a result of that decision, I have been able to work in relative safety from a US espionage investigation.
But today, Edward Snowden’s ordeal is just beginning.
Two dangerous runaway processes have taken root in the last decade, with fatal consequences for democracy.
Government secrecy has been expanding on a terrific scale.
Simultaneously, human privacy has been secretly eradicated.
A few weeks ago, Edward Snowden blew the whistle on an ongoing program – involving the Obama administration, the intelligence community and the internet services giants – to spy on everyone in the world.
As if by clockwork, he has been charged with espionage by the Obama administration.
The US government is spying on each and every one of us, but it is Edward Snowden who is charged with espionage for tipping us off.
It is getting to the point where the mark of international distinction and service to humanity is no longer the Nobel Peace Prize, but an espionage indictment from the US Department of Justice.
Edward Snowden is the eighth leaker to be charged with espionage under this president.
Bradley Manning’s show trial enters its fourth week on Monday.
After a litany of wrongs done to him, the US government is trying to convict him of “aiding the enemy.”
The word “traitor” has been thrown around a lot in recent days.
But who is really the traitor here?
Who was it who promised a generation “hope” and “change,” only to betray those promises with dismal misery and stagnation?
Who took an oath to defend the US constitution, only to feed the invisible beast of secret law devouring it alive from the inside out?
Who is it that promised to preside over The Most Transparent Administration in history, only to crush whistleblower after whistleblower with the bootheel of espionage charges?
Who combined in his executive the powers of judge, jury and executioner, and claimed the jurisdiction of the entire earth on which to exercise those powers?
Who arrogates the power to spy on the entire earth – every single one of us – and when he is caught red handed, explains to us that “we’re going to have to make a choice.”
Who is that person?
Let’s be very careful about who we call “traitor”.
Edward Snowden is one of us.
Bradley Manning is one of us.
They are young, technically minded people from the generation that Barack Obama betrayed.
They are the generation that grew up on the internet, and were shaped by it.
The US government is always going to need intelligence analysts and systems administrators, and they are going to have to hire them from this generation and the ones that follow it.
One day, their generation will run the NSA, the CIA and the FBI.
This isn’t a phenomenon that is going away.
This is inevitable.
And by trying to crush these young whistleblowers with espionage charges, the US government is taking on a generation, and that is a battle it is going to lose.
This isn’t how to fix things.
The only way to fix things is this:
Change the policies.
Stop spying on the world.
Eradicate secret law.
Cease indefinite detention without trial.
Stop assassinating people.
Stop invading other countries and sending young Americans off to kill and be killed.
Stop the occupations, and discontinue the secret wars.
Stop eating the young: Edward Snowden, Barrett Brown, Jeremy Hammond, Aaron Swartz, Gottfrid Svartholm, Jacob Appelbaum, and Bradley Manning.
The charging of Edward Snowden is intended to intimidate any country that might be considering standing up for his rights.
That tactic must not be allowed to work.
The effort to find asylum for Edward Snowden must be intensified.
What brave country will stand up for him, and recognize his service to humanity?
Tell your governments to step forward.
Step forward and stand with Snowden.
Collateral Murder
Overview
5th April 2010 10:44 EST WikiLeaks has released a classified US military video depicting the indiscriminate slaying of over a dozen people in the Iraqi suburb of New Baghdad — including two Reuters news staff.
Reuters has been trying to obtain the video through the Freedom of Information Act, without success since the time of the attack. The video, shot from an Apache helicopter gun-sight, clearly shows the unprovoked slaying of a wounded Reuters employee and his rescuers. Two young children involved in the rescue were also seriously wounded.
Short version (or watch on youtube)
Full version (or watch on youtube)
WikiLeaks’ Collateral Murder: U.S. Soldier Ethan McCord’s Eyewitness Story
The military did not reveal how the Reuters staff were killed, and stated that they did not know how the children were injured.
After demands by Reuters, the incident was investigated and the U.S. military concluded that the actions of the soldiers were in accordance with the law of armed conflict and its own “Rules of Engagement”.
Consequently, WikiLeaks has released the classified Rules of Engagement for 2006, 2007 and 2008, revealing these rules before, during, and after the killings.
WikiLeaks has released both the original 38 minutes video and a shorter version with an initial analysis. Subtitles have been added to both versions from the radio transmissions.
WikiLeaks obtained this video as well as supporting documents from a number of military whistleblowers. WikiLeaks goes to great lengths to verify the authenticity of the information it receives. We have analyzed the information about this incident from a variety of source material. We have spoken to witnesses and journalists directly involved in the incident.
WikiLeaks wants to ensure that all the leaked information it receives gets the attention it deserves. In this particular case, some of the people killed were journalists that were simply doing their jobs: putting their lives at risk in order to report on war. Iraq is a very dangerous place for journalists: from 2003- 2009, 139 journalists were killed while doing their work.
‘Vault 7’ CIA hacking documents (2017)
Press Release
Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency. Code-named “Vault 7” by WikiLeaks, it is the largest ever publication of confidential documents on the agency.
The first full part of the series, “Year Zero”, comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.
Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
“Year Zero” introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of “zero day” weaponized exploits against a wide range of U.S. and European company products, include Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones.
Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA). The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers. The agency’s hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA’s hacking capacities.
By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other “weaponized” malware. Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its “own NSA” with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.
In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.
Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.
Julian Assange, WikiLeaks editor stated that “There is an extreme proliferation risk in the development of cyber ‘weapons’. Comparisons can be drawn between the uncontrolled proliferation of such ‘weapons’, which results from the inability to contain them combined with their high market value, and the global arms trade. But the significance of “Year Zero” goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective.”
Wikileaks has carefully reviewed the “Year Zero” disclosure and published substantive CIA documentation while avoiding the distribution of ‘armed’ cyberweapons until a consensus emerges on the technical and political nature of the CIA’s program and how such ‘weapons’ should analyzed, disarmed and published.
Wikileaks has also decided to redact and anonymise some identifying information in “Year Zero” for in depth analysis. These redactions include ten of thousands of CIA targets and attack machines throughout Latin America, Europe and the United States. While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model and note that the quantity of published pages in “Vault 7” part one (“Year Zero”) already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.
Analysis
CIA malware targets iPhone, Android, smart TVs
CIA malware and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA’s DDI (Directorate for Digital Innovation). The DDI is one of the five major directorates of the CIA (see this organizational chart of the CIA for more details).
The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide.
The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell’s 1984, but “Weeping Angel”, developed by the CIA’s Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.
The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.
As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.
The CIA’s Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user’s geolocation, audio and text communications as well as covertly activate the phone’s camera and microphone.
Despite iPhone’s minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA’s Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads. CIA’s arsenal includes numerous local and remote “zero days” developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop. The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.
A similar unit targets Google’s Android which is used to run the majority of the world’s smart phones (~85%) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year. “Year Zero” shows that as of 2016 the CIA had 24 “weaponized” Android “zero days” which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors.
These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the “smart” phones that they run on and collecting audio and message traffic before encryption is applied.
CIA malware targets Windows, OSx, Linux, routers
The CIA also runs a very substantial effort to infect and control Microsoft Windows users with its malware. This includes multiple local and remote weaponized “zero days”, air gap jumping viruses such as “Hammer Drill” which infects software distributed on CD/DVDs, infectors for removable media such as USBs, systems to hide data in images or in covert disk areas ( “Brutal Kangaroo”) and to keep its malware infestations going.
Many of these infection efforts are pulled together by the CIA’s Automated Implant Branch (AIB), which has developed several attack systems for automated infestation and control of CIA malware, such as “Assassin” and “Medusa”.
Attacks against Internet infrastructure and webservers are developed by the CIA’s Network Devices Branch (NDB).
The CIA has developed automated multi-platform malware attack and control systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB’s “HIVE” and the related “Cutthroat” and “Swindle” tools, which are described in the examples section below.
CIA ‘hoarded’ vulnerabilities (“zero days”)
In the wake of Edward Snowden’s leaks about the NSA, the U.S. technology industry secured a commitment from the Obama administration that the executive would disclose on an ongoing basis — rather than hoard — serious vulnerabilities, exploits, bugs or “zero days” to Apple, Google, Microsoft, and other US-based manufacturers.
Serious vulnerabilities not disclosed to the manufacturers places huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability. If the CIA can discover such vulnerabilities so can others.
The U.S. government’s commitment to the Vulnerabilities Equities Process came after significant lobbying by US technology companies, who risk losing their share of the global market over real and perceived hidden vulnerabilities. The government stated that it would disclose all pervasive vulnerabilities discovered after 2010 on an ongoing basis.
“Year Zero” documents show that the CIA breached the Obama administration’s commitments. Many of the vulnerabilities used in the CIA’s cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals.
As an example, specific CIA malware revealed in “Year Zero” is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts. The CIA attacks this software by using undisclosed security vulnerabilities (“zero days”) possessed by the CIA but if the CIA can hack these phones then so can everyone else who has obtained or discovered the vulnerability. As long as the CIA keeps these vulnerabilities concealed from Apple and Google (who make the phones) they will not be fixed, and the phones will remain hackable.
The same vulnerabilities exist for the population at large, including the U.S. Cabinet, Congress, top CEOs, system administrators, security officers and engineers. By hiding these security flaws from manufacturers like Apple and Google the CIA ensures that it can hack everyone &mdsh; at the expense of leaving everyone hackable.
‘Cyberwar’ programs are a serious proliferation risk
Cyber ‘weapons’ are not possible to keep under effective control.
While nuclear proliferation has been restrained by the enormous costs and visible infrastructure involved in assembling enough fissile material to produce a critical nuclear mass, cyber ‘weapons’, once developed, are very hard to retain.
Cyber ‘weapons’ are in fact just computer programs which can be pirated like any other. Since they are entirely comprised of information they can be copied quickly with no marginal cost.
Securing such ‘weapons’ is particularly difficult since the same people who develop and use them have the skills to exfiltrate copies without leaving traces — sometimes by using the very same ‘weapons’ against the organizations that contain them. There are substantial price incentives for government hackers and consultants to obtain copies since there is a global “vulnerability market” that will pay hundreds of thousands to millions of dollars for copies of such ‘weapons’. Similarly, contractors and companies who obtain such ‘weapons’ sometimes use them for their own purposes, obtaining advantage over their competitors in selling ‘hacking’ services.
Over the last three years the United States intelligence sector, which consists of government agencies such as the CIA and NSA and their contractors, such as Booz Allan Hamilton, has been subject to unprecedented series of data exfiltrations by its own workers.
A number of intelligence community members not yet publicly named have been arrested or subject to federal criminal investigations in separate incidents.
Most visibly, on February 8, 2017 a U.S. federal grand jury indicted Harold T. Martin III with 20 counts of mishandling classified information. The Department of Justice alleged that it seized some 50,000 gigabytes of information from Harold T. Martin III that he had obtained from classified programs at NSA and CIA, including the source code for numerous hacking tools.
Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by peer states, cyber mafia and teenage hackers alike.
U.S. Consulate in Frankfurt is a covert CIA hacker base
In addition to its operations in Langley, Virginia the CIA also uses the U.S. consulate in Frankfurt as a covert base for its hackers covering Europe, the Middle East and Africa.
CIA hackers operating out of the Frankfurt consulate ( “Center for Cyber Intelligence Europe” or CCIE) are given diplomatic (“black”) passports and State Department cover. The instructions for incoming CIA hackers make Germany’s counter-intelligence efforts appear inconsequential: “Breeze through German Customs because you have your cover-for-action story down pat, and all they did was stamp your passport”
Your Cover Story (for this trip)
Q: Why are you here?
A: Supporting technical consultations at the Consulate.
Two earlier WikiLeaks publications give further detail on CIA approaches to customs and secondary screening procedures.
Once in Frankfurt CIA hackers can travel without further border checks to the 25 European countries that are part of the Shengen open border area — including France, Italy and Switzerland.
A number of the CIA’s electronic attack methods are designed for physical proximity. These attack methods are able to penetrate high security networks that are disconnected from the internet, such as police record database. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace. The attacker is provided with a USB containing malware developed for the CIA for this purpose, which is inserted into the targeted computer. The attacker then infects and exfiltrates data to removable media. For example, the CIA attack system Fine Dining, provides 24 decoy applications for CIA spies to use. To witnesses, the spy appears to be running a program showing videos (e.g VLC), presenting slides (Prezi), playing a computer game (Breakout2, 2048) or even running a fake virus scanner (Kaspersky, McAfee, Sophos). But while the decoy application is on the screen, the underlaying system is automatically infected and ransacked.
How the CIA dramatically increased proliferation risks
In what is surely one of the most astounding intelligence own goals in living memory, the CIA structured its classification regime such that for the most market valuable part of “Vault 7” — the CIA’s weaponized malware (implants + zero days), Listening Posts (LP), and Command and Control (C2) systems — the agency has little legal recourse.
The CIA made these systems unclassified.
Why the CIA chose to make its cyberarsenal unclassified reveals how concepts developed for military use do not easily crossover to the ‘battlefield’ of cyber ‘war’.
To attack its targets, the CIA usually requires that its implants communicate with their control programs over the internet. If CIA implants, Command & Control and Listening Post software were classified, then CIA officers could be prosecuted or dismissed for violating rules that prohibit placing classified information onto the Internet. Consequently the CIA has secretly made most of its cyber spying/war code unclassified. The U.S. government is not able to assert copyright either, due to restrictions in the U.S. Constitution. This means that cyber ‘arms’ manufactures and computer hackers can freely “pirate” these ‘weapons’ if they are obtained. The CIA has primarily had to rely on obfuscation to protect its malware secrets.
Conventional weapons such as missiles may be fired at the enemy (i.e into an unsecured area). Proximity to or impact with the target detonates the ordnance including its classified parts. Hence military personnel do not violate classification rules by firing ordnance with classified parts. Ordnance will likely explode. If it does not, that is not the operator’s intent.
Over the last decade U.S. hacking operations have been increasingly dressed up in military jargon to tap into Department of Defense funding streams. For instance, attempted “malware injections” (commercial jargon) or “implant drops” (NSA jargon) are being called “fires” as if a weapon was being fired. However the analogy is questionable.
Unlike bullets, bombs or missiles, most CIA malware is designed to live for days or even years after it has reached its ‘target’. CIA malware does not “explode on impact” but rather permanently infests its target. In order to infect target’s device, copies of the malware must be placed on the target’s devices, giving physical possession of the malware to the target. To exfiltrate data back to the CIA or to await further instructions the malware must communicate with CIA Command & Control (C2) systems placed on internet connected servers. But such servers are typically not approved to hold classified information, so CIA command and control systems are also made unclassified.
A successful ‘attack’ on a target’s computer system is more like a series of complex stock maneuvers in a hostile take-over bid or the careful planting of rumors in order to gain control over an organization’s leadership rather than the firing of a weapons system. If there is a military analogy to be made, the infestation of a target is perhaps akin to the execution of a whole series of military maneuvers against the target’s territory including observation, infiltration, occupation and exploitation.
Evading forensics and anti-virus
A series of standards lay out CIA malware infestation patterns which are likely to assist forensic crime scene investigators as well as Apple, Microsoft, Google, Samsung, Nokia, Blackberry, Siemens and anti-virus companies attribute and defend against attacks.
“Tradecraft DO’s and DON’Ts” contains CIA rules on how its malware should be written to avoid fingerprints implicating the “CIA, US government, or its witting partner companies” in “forensic review”. Similar secret standards cover the use of encryption to hide CIA hacker and malware communication (pdf), describing targets & exfiltrated data (pdf) as well as executing payloads (pdf) and persisting (pdf) in the target’s machines over time.
CIA hackers developed successful attacks against most well known anti-virus programs. These are documented in AV defeats, Personal Security Products, Detecting and defeating PSPs and PSP/Debugger/RE Avoidance. For example, Comodo was defeated by CIA malware placing itself in the Window’s “Recycle Bin”. While Comodo 6.x has a “Gaping Hole of DOOM”.
CIA hackers discussed what the NSA’s “Equation Group” hackers did wrong and how the CIA’s malware makers could avoid similar exposure.
Examples
The CIA’s Engineering Development Group (EDG) management system contains around 500 different projects (only some of which are documented by “Year Zero”) each with their own sub-projects, malware and hacker tools.
The majority of these projects relate to tools that are used for penetration, infestation (“implanting”), control, and exfiltration.
Another branch of development focuses on the development and operation of Listening Posts (LP) and Command and Control (C2) systems used to communicate with and control CIA implants; special projects are used to target specific hardware from routers to smart TVs.
Some example projects are described below, but see the table of contents for the full list of projects described by WikiLeaks’ “Year Zero”.
UMBRAGE
The CIA’s hand crafted hacking techniques pose a problem for the agency. Each technique it has created forms a “fingerprint” that can be used by forensic investigators to attribute multiple different attacks to the same entity.
This is analogous to finding the same distinctive knife wound on multiple separate murder victims. The unique wounding style creates suspicion that a single murderer is responsible. As soon one murder in the set is solved then the other murders also find likely attribution.
The CIA’s Remote Devices Branch‘s UMBRAGE group collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation.
With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the “fingerprints” of the groups that the attack techniques were stolen from.
UMBRAGE components cover keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation, stealth, anti-virus (PSP) avoidance and survey techniques.
Fine Dining
Fine Dining comes with a standardized questionnaire i.e menu that CIA case officers fill out. The questionnaire is used by the agency’s OSB (Operational Support Branch) to transform the requests of case officers into technical requirements for hacking attacks (typically “exfiltrating” information from computer systems) for specific operations. The questionnaire allows the OSB to identify how to adapt existing tools for the operation, and communicate this to CIA malware configuration staff. The OSB functions as the interface between CIA operational staff and the relevant technical support staff.
Among the list of possible targets of the collection are ‘Asset’, ‘Liason Asset’, ‘System Administrator’, ‘Foreign Information Operations’, ‘Foreign Intelligence Agencies’ and ‘Foreign Government Entities’. Notably absent is any reference to extremists or transnational criminals. The ‘Case Officer’ is also asked to specify the environment of the target like the type of computer, operating system used, Internet connectivity and installed anti-virus utilities (PSPs) as well as a list of file types to be exfiltrated like Office documents, audio, video, images or custom file types. The ‘menu’ also asks for information if recurring access to the target is possible and how long unobserved access to the computer can be maintained. This information is used by the CIA’s ‘JQJIMPROVISE’ software (see below) to configure a set of CIA malware suited to the specific needs of an operation.
Improvise (JQJIMPROVISE)
‘Improvise’ is a toolset for configuration, post-processing, payload setup and execution vector selection for survey/exfiltration tools supporting all major operating systems like Windows (Bartender), MacOS (JukeBox) and Linux (DanceFloor). Its configuration utilities like Margarita allows the NOC (Network Operation Center) to customize tools based on requirements from ‘Fine Dining’ questionairies.
HIVE
HIVE is a multi-platform CIA malware suite and its associated control software. The project provides customizable implants for Windows, Solaris, MikroTik (used in internet routers) and Linux platforms and a Listening Post (LP)/Command and Control (C2) infrastructure to communicate with these implants.
The implants are configured to communicate via HTTPS with the webserver of a cover domain; each operation utilizing these implants has a separate cover domain and the infrastructure can handle any number of cover domains.
Each cover domain resolves to an IP address that is located at a commercial VPS (Virtual Private Server) provider. The public-facing server forwards all incoming traffic via a VPN to a ‘Blot’ server that handles actual connection requests from clients. It is setup for optional SSL client authentication: if a client sends a valid client certificate (only implants can do that), the connection is forwarded to the ‘Honeycomb’ toolserver that communicates with the implant; if a valid certificate is missing (which is the case if someone tries to open the cover domain website by accident), the traffic is forwarded to a cover server that delivers an unsuspicious looking website.
The Honeycomb toolserver receives exfiltrated information from the implant; an operator can also task the implant to execute jobs on the target computer, so the toolserver acts as a C2 (command and control) server for the implant.
Similar functionality (though limited to Windows) is provided by the RickBobby project.
See the classified user and developer guides for HIVE.
Frequently Asked Questions
Why now?
WikiLeaks published as soon as its verification and analysis were ready.
In Febuary the Trump administration has issued an Executive Order calling for a “Cyberwar” review to be prepared within 30 days.
While the review increases the timeliness and relevance of the publication it did not play a role in setting the publication date.
Redactions
Names, email addresses and external IP addresses have been redacted in the released pages (70,875 redactions in total) until further analysis is complete.
- Over-redaction: Some items may have been redacted that are not employees, contractors, targets or otherwise related to the agency, but are, for example, authors of documentation for otherwise public projects that are used by the agency.
- Identity vs. person: the redacted names are replaced by user IDs (numbers) to allow readers to assign multiple pages to a single author. Given the redaction process used a single person may be represented by more than one assigned identifier but no identifier refers to more than one real person.
- Archive attachments (zip, tar.gz, …) are replaced with a PDF listing all the file names in the archive. As the archive content is assessed it may be made available; until then the archive is redacted.
- Attachments with other binary content are replaced by a hex dump of the content to prevent accidental invocation of binaries that may have been infected with weaponized CIA malware. As the content is assessed it may be made available; until then the content is redacted.
- The tens of thousands of routable IP addresses references (including more than 22 thousand within the United States) that correspond to possible targets, CIA covert listening post servers, intermediary and test systems, are redacted for further exclusive investigation.
- Binary files of non-public origin are only available as dumps to prevent accidental invocation of CIA malware infected binaries.
Organizational Chart
The organizational chart corresponds to the material published by WikiLeaks so far.
Since the organizational structure of the CIA below the level of Directorates is not public, the placement of the EDG and its branches within the org chart of the agency is reconstructed from information contained in the documents released so far. It is intended to be used as a rough outline of the internal organization; please be aware that the reconstructed org chart is incomplete and that internal reorganizations occur frequently.
Wiki pages
“Year Zero” contains 7818 web pages with 943 attachments from the internal development groupware. The software used for this purpose is called Confluence, a proprietary software from Atlassian. Webpages in this system (like in Wikipedia) have a version history that can provide interesting insights on how a document evolved over time; the 7818 documents include these page histories for 1136 latest versions.
The order of named pages within each level is determined by date (oldest first). Page content is not present if it was originally dynamically created by the Confluence software (as indicated on the re-constructed page).
What time period is covered?
The years 2013 to 2016. The sort order of the pages within each level is determined by date (oldest first).
WikiLeaks has obtained the CIA’s creation/last modification date for each page but these do not yet appear for technical reasons. Usually the date can be discerned or approximated from the content and the page order. If it is critical to know the exact time/date contact WikiLeaks.
What is “Vault 7”
“Vault 7” is a substantial collection of material about CIA activities obtained by WikiLeaks.
When was each part of “Vault 7” obtained?
Part one was obtained recently and covers through 2016. Details on the other parts will be available at the time of publication.
Is each part of “Vault 7” from a different source?
Details on the other parts will be available at the time of publication.
What is the total size of “Vault 7”?
The series is the largest intelligence publication in history.
How did WikiLeaks obtain each part of “Vault 7”?
Sources trust WikiLeaks to not reveal information that might help identify them.
Isn’t WikiLeaks worried that the CIA will act against its staff to stop the series?
No. That would be certainly counter-productive.
Has WikiLeaks already ‘mined’ all the best stories?
No. WikiLeaks has intentionally not written up hundreds of impactful stories to encourage others to find them and so create expertise in the area for subsequent parts in the series. They’re there. Look. Those who demonstrate journalistic excellence may be considered for early access to future parts.
Won’t other journalists find all the best stories before me?
Unlikely. There are very considerably more stories than there are journalists or academics who are in a position to write them.
WikiLeaks publishes the Saudi Cables
Today, Friday 19th June at 1pm GMT, WikiLeaks began publishing The Saudi Cables: more than half a million cables and other documents from the Saudi Foreign Ministry that contain secret communications from various Saudi Embassies around the world. The publication includes “Top Secret” reports from other Saudi State institutions, including the Ministry of Interior and the Kingdom’s General Intelligence Services. The massive cache of data also contains a large number of email communications between the Ministry of Foreign Affairs and foreign entities. The Saudi Cables are being published in tranches of tens of thousands of documents at a time over the coming weeks. Today WikiLeaks is releasing around 70,000 documents from the trove as the first tranche.
Julian Assange, WikiLeaks publisher, said: “The Saudi Cables lift the lid on a increasingly erratic and secretive dictatorship that has not only celebrated its 100th beheading this year, but which has also become a menace to its neighbours and itself.”
The Kingdom of Saudi Arabia is a hereditary dictatorship bordering the Persian Gulf. Despite the Kingdom’s infamous human rights record, Saudi Arabia remains a top-tier ally of the United States and the United Kingdom in the Middle East, largely owing to its globally unrivalled oil reserves. The Kingdom frequently tops the list of oil-producing countries, which has given the Kingdom disproportionate influence in international affairs. Each year it pushes billions of petro-dollars into the pockets of UK banks and US arms companies. Last year it became the largest arms importer in the world, eclipsing China, India and the combined countries of Western Europe. The Kingdom has since the 1960s played a major role in the Organization of Petroleum Exporting Countries (OPEC) and the Cooperation Council for the Arab States of the Gulf (GCC) and dominates the global Islamic charity market.
For 40 years the Kingdom’s Ministry of Foreign Affairs was headed by one man: Saud al Faisal bin Abdulaziz, a member of the Saudi royal family, and the world’s longest-serving foreign minister. The end of Saud al Faisal’s tenure, which began in 1975, coincided with the royal succession upon the death of King Abdullah in January 2015. Saud al Faisal’s tenure over the Ministry covered its handling of key events and issues in the foreign relations of Saudi Arabia, from the fall of the Shah and the second Oil Crisis to the September 11 attacks and its ongoing proxy war against Iran. The Saudi Cables provide key insights into the Kingdom’s operations and how it has managed its alliances and consolidated its position as a regional Middle East superpower, including through bribing and co-opting key individuals and institutions. The cables also illustrate the highly centralised bureaucratic structure of the Kingdom, where even the most minute issues are addressed by the most senior officials.
Since late March 2015 the Kingdom of Saudi Arabia has been involved in a war in neighbouring Yemen. The Saudi Foreign Ministry in May 2015 admitted to a breach of its computer networks. Responsibility for the breach was attributed to a group calling itself the Yemeni Cyber Army. The group subsequently released a number of valuable “sample” document sets from the breach on file-sharing sites, which then fell under censorship attacks. The full WikiLeaks trove comprises thousands of times the number of documents and includes hundreds of thousands of pages of scanned images of Arabic text. In a major journalistic research effort, WikiLeaks has extracted the text from these images and placed them into our searchable database. The trove also includes tens of thousands of text files and spreadsheets as well as email messages, which have been made searchable through the WikiLeaks search engine.
By coincidence, the Saudi Cables release also marks two other events. Today marks three years since WikiLeaks founder Julian Assange entered the Ecuadorian Embassy in London seeking asylum from US persecution, having been held for almost five years without charge in the United Kingdom. Also today Google revealed that it had been been forced to hand over more data to the US government in order to assist the prosecution of WikiLeaks staff under US espionage charges arising from our publication of US diplomatic cables.
WikiLeaks Reveals Secret Files on All Guantánamo Prisoners
In its latest release of classified US documents, WikiLeaks is shining the light of truth on a notorious icon of the Bush administration’s “War on Terror” — the prison at Guantánamo Bay, Cuba, which opened on January 11, 2002, and remains open under President Obama, despite his promise to close the much-criticized facility within a year of taking office.
In thousands of pages of documents dating from 2002 to 2008 and never seen before by members of the public or the media, the cases of the majority of the prisoners held at Guantánamo — 765 out of 779 in total — are described in detail in memoranda from JTF-GTMO, the Joint Task Force at Guantánamo Bay, to US Southern Command in Miami, Florida.
These memoranda, known as Detainee Assessment Briefs (DABs), contain JTF-GTMO’s recommendations about whether the prisoners in question should continue to be held, or should be released (transferred to their home governments, or to other governments). They consist of a wealth of important and previously undisclosed information, including health assessments, for example, and, in the cases of the majority of the 172 prisoners who are still held, photos (mostly for the first time ever).
They also include information on the first 201 prisoners released from the prison, between 2002 and 2004, which, unlike information on the rest of the prisoners (summaries of evidence and tribunal transcripts, released as the result of a lawsuit filed by media groups in 2006), has never been made public before. Most of these documents reveal accounts of incompetence familiar to those who have studied Guantánamo closely, with innocent men detained by mistake (or because the US was offering substantial bounties to its allies for al-Qaeda or Taliban suspects), and numerous insignificant Taliban conscripts from Afghanistan and Pakistan.
Beyond these previously unknown cases, the documents also reveal stories of the 399 other prisoners released from September 2004 to the present day, and of the seven men who have died at the prison.
The memos are signed by the commander of Guantánamo at the time, and describe whether the prisoners in question are regarded as low, medium or high risk. Although they were obviously not conclusive in and of themselves, as final decisions about the disposition of prisoners were taken at a higher level, they represent not only the opinions of JTF-GTMO, but also the Criminal Investigation Task Force, created by the Department of Defense to conduct interrogations in the “War on Terror,” and the BSCTs, the behavioral science teams consisting of psychologists who had a major say in the “exploitation” of prisoners in interrogation.
Crucially, the files also contain detailed explanations of the supposed intelligence used to justify the prisoners’ detention. For many readers, these will be the most fascinating sections of the documents, as they seem to offer an extraordinary insight into the workings of US intelligence, but although many of the documents appear to promise proof of prisoners’ association with al-Qaeda or other terrorist organizations, extreme caution is required.
The documents draw on the testimony of witnesses — in most cases, the prisoners’ fellow prisoners — whose words are unreliable, either because they were subjected to torture or other forms of coercion (sometimes not in Guantánamo, but in secret prisons run by the CIA), or because they provided false statements to secure better treatment in Guantánamo.
Regular appearances throughout these documents by witnesses whose words should be regarded as untrustworthy include the following “high-value detainees” or “ghost prisoners”. Please note that “ISN” and the numbers in brackets following the prisoners’ names refer to the short “Internment Serial Numbers” by which the prisoners are or were identified in US custody:
Abu Zubaydah (ISN 10016), the supposed “high-value detainee” seized in Pakistan in March 2002, who spent four and a half years in secret CIA prisons, including facilities in Thailand and Poland. Subjected to waterboarding, a form of controlled drowning, on 83 occasions in CIA custody August 2002, Abu Zubaydah was moved to Guantánamo with 13 other “high-value detainees” in September 2006.
Ibn al-Shaykh al-Libi (ISN 212), the emir of a military training camp for which Abu Zubaydah was the gatekeeper, who, despite having his camp closed by the Taliban in 2000, because he refused to allow it to be taken over by al-Qaeda, is described in these documents as Osama bin Laden’s military commander in Tora Bora. Soon after his capture in December 2001, al-Libi was rendered by the CIA to Egypt, where, under torture, he falsely confessed that al-Qaeda operatives had been meeting with Saddam Hussein to discuss obtaining chemical and biological weapons. Al-Libi recanted this particular lie, but it was nevertheless used by the Bush administration to justify the invasion of Iraq in March 2003. Al-Libi was never sent to Guantánamo, although at some point, probably in 2006, the CIA sent him back to Libya, where he was imprisoned, and where he died, allegedly by committing suicide, in May 2009.
Sharqawi Abdu Ali al-Hajj (ISN 1457), a Yemeni, also known as Riyadh the Facilitator, who was seized in a house raid in Pakistan in February 2002, and is described as “an al-Qaeda facilitator.” After his capture, he was transferred to a torture prison in Jordan run on behalf of the CIA, where he was held for nearly two years, and was then held for six months in US facilities in Afghanistan. He was flown to Guantánamo in September 2004.
Sanad Yislam al-Kazimi (ISN 1453), a Yemeni, who was seized in the UAE in January 2003, and then held in three secret prisons, including the “Dark Prison” near Kabul and a secret facility within the US prison at Bagram airbase. In February 2010, in the District Court in Washington D.C., Judge Henry H. Kennedy Jr. granted the habeas corpus petition of a Yemeni prisoner, Uthman Abdul Rahim Mohammed Uthman, largely because he refused to accept testimony produced by either Sharqawi al-Hajj or Sanad al-Kazimi. As he stated, “The Court will not rely on the statements of Hajj or Kazimi because there is unrebutted evidence in the record that, at the time of the interrogations at which they made the statements, both men had recently been tortured.”
Others include Ahmed Khalfan Ghailani (ISN 10012) and Walid bin Attash (ISN 10014), two more of the “high-value detainees” transferred into Guantánamo in September 2006, after being held in secret CIA prisons.
Other unreliable witnesses, held at Guantánamo throughout their detention, include:
Yasim Basardah (ISN 252), a Yemeni known as a notorious liar. As the Washington Post reported in February 2009, he was given preferential treatment in Guantánamo after becoming what some officials regarded as a significant informant, although there were many reasons to be doubtful. As the Post noted, “military officials … expressed reservations about the credibility of their star witness since 2004,” and in 2006, in an article for the National Journal, Corine Hegland described how, after a Combatant Status Review Tribunal at which a prisoner had taken exception to information provided by Basardah, placing him at a training camp before he had even arrived in Afghanistan, his personal representative (a military official assigned instead of a lawyer) investigated Basardah’s file, and found that he had made similar claims against 60 other prisoners in total. In January 2009, in the District Court in Washington D.C., Judge Richard Leon (an appointee of George W. Bush) excluded Basardah’s statements while granting the habeas corpus petition of Mohammed El-Gharani, a Chadian national who was just 14 years old when he was seized in a raid on a mosque in Pakistan. Judge Leon noted that the government had “specifically cautioned against relying on his statements without independent corroboration,” and in other habeas cases that followed, other judges relied on this precedent, discrediting the “star witness” still further.
Mohammed al-Qahtani (ISN 063), a Saudi regarded as the planned 20th hijacker for the 9/11 attacks, was subjected to a specific torture program at Guantánamo, approved by defense secretary Donald Rumsfeld. This consisted of 20-hour interrogations every day, over a period of several months, and various other “enhanced interrogation techniques,” which severely endangered his health. Variations of these techniques then migrated to other prisoners in Guantánamo (and to Abu Ghraib), and in January 2009, just before George W. Bush left office, Susan Crawford, a retired judge and a close friend of Dick Cheney and David Addington, who was appointed to oversee the military commissions at Guantánamo as the convening authority, told Bob Woodward that she had refused to press charges against al-Qahtani, because, as she said, “We tortured Qahtani. His treatment met the legal definition of torture.” As a result, his numerous statements about other prisoners must be regarded as worthless.
Abd al-Hakim Bukhari (ISN 493), a Saudi imprisoned by al-Qaeda as a spy, who was liberated by US forces from a Taliban jail before being sent, inexplicably, to Guantánamo (along with four other men liberated from the jail) is regarded in the files as a member of al-Qaeda, and a trustworthy witness.
Abd al-Rahim Janko (ISN 489), a Syrian Kurd, tortured by al-Qaeda as a spy and then imprisoned by the Taliban along with Abd al-Hakim Bukhari, above, is also used as a witness, even though he was mentally unstable. As his assessment in June 2008 stated, “Detainee is on a list of high-risk detainees from a health perspective … He has several chronic medical problems. He has a psychiatric history of substance abuse, depression, borderline personality disorder, and prior suicide attempt for which he is followed by behavioral health for treatment.”
These are just some of the most obvious cases, but alert readers will notice that they are cited repeatedly in what purports to be the government’s evidence, and it should, as a result, be difficult not to conclude that the entire edifice constructed by the government is fundamentally unsound, and that what the Guantánamo Files reveal, primarily, is that only a few dozen prisoners are genuinely accused of involvement in terrorism.
The rest, these documents reveal on close inspection, were either innocent men and boys, seized by mistake, or Taliban foot soldiers, unconnected to terrorism. Moreover, many of these prisoners were actually sold to US forces, who were offering bounty payments for al-Qaeda and Taliban suspects, by their Afghan and Pakistani allies — a policy that led ex-President Musharraf to state, in his 2006 memoir, In the Line of Fire, that, in return for handing over 369 terror suspects to the US, the Pakistani government “earned bounty payments totalling millions of dollars.”
Uncomfortable facts like these are not revealed in the deliberations of the Joint Task Force, but they are crucial to understanding why what can appear to be a collection of documents confirming the government’s scaremongering rhetoric about Guantánamo — the same rhetoric that has paralyzed President Obama, and revived the politics of fear in Congress — is actually the opposite: the anatomy of a colossal crime perpetrated by the US government on 779 prisoners who, for the most part, are not and never have been the terrorists the government would like us to believe they are.
(Andy Worthington)
How to Read WikiLeaks’ Guantánamo Files
The nearly 800 documents in WikiLeaks’ latest release of classified US documents are memoranda from Joint Task Force Guantánamo (JTF-GTMO), the combined force in charge of the US “War on Terror” prison at Guantánamo Bay, Cuba, to US Southern Command, in Miami, Florida, regarding the disposition of the prisoners.
Written between 2002 and 2008, the memoranda were all marked as “secret,” and their subject was whether to continue holding a prisoner, or whether to recommend his release (described as his “transfer” — to the custody of his own government, or that of some other government). They were obviously not conclusive in and of themselves, as final decisions about the disposition of prisoners were taken at a higher level, but they are very significant, as they represent not only the opinions of JTF-GTMO, but also the Criminal Investigation Task Force, created by the Department of Defense to conduct interrogations in the “War on Terror,” and the BSCTs, the behavioral science teams consisting of psychologists who had a major say in the “exploitation” of prisoners in interrogation.
Under the heading, “JTF-GTMO Detainee Assessment,” the memos generally contain nine sections, describing the prisoners as follows, although the earlier examples, especially those dealing with prisoners released — or recommended for release — between 2002 and 2004, may have less detailed analyses than the following:
1. Personal information
Each prisoner is identified by name, by aliases, which the US claims to have identified, by place and date of birth, by citizenship, and by Internment Serial Number (ISN). These long lists of numbers and letters — e.g. US9YM-000027DP — are used to identify the prisoners in Guantánamo, helping to dehumanize them, as intended, by doing away with their names. The most significant section is the number towards the end, which is generally shortened, so that the example above would be known as ISN 027. In the files, the prisoners are identified by nationality, with 47 countries in total listed alphabetically, from “az” for Afghanistan to “ym” for Yemen.
2. Health
This section describes whether or not the prisoner in question has mental health issues and/or physical health issues. Many are judged to be in good health, but there are some shocking examples of prisoners with severe mental and/or physical problems.
3. JTF-GTMO Assessment
a. Under “Recommendation,” the Task Force explains whether a prisoner should continue to be held, or should be released. b. Under “Executive Summary,” the Task Force briefly explains its reasoning, and, in more recent cases, also explains whether the prisoner is a low, medium or high risk as a threat to the US and its allies and as a threat in detention (i.e. based on their behavior in Guantánamo), and also whether they are regarded as of low, medium or high intelligence value. c. Under “Summary of Changes,” the Task Force explains whether there has been any change in the information provided since the last appraisal (generally, the prisoners are appraised on an annual basis).
4. Detainee’s Account of Events
Based on the prisoners’ own testimony, this section puts together an account of their history, and how they came to be seized, in Afghanistan, Pakistan or elsewhere, based on their own words.
5. Capture Information
This section explains how and where the prisoners were seized, and is followed by a description of their possessions at the time of capture, the date of their transfer to Guantánamo, and, spuriously, “Reasons for Transfer to JTF-GTMO,” which lists alleged reasons for the prisoners’ transfer, such as knowledge of certain topics for exploitation through interrogation. The reason that this is unconvincing is because, as former interrogator Chris Mackey (a pseudonym) explained in his book The Interrogators, the US high command, based in Camp Doha, Kuwait, stipulated that every prisoner who ended up in US custody had to be transferred to Guantánamo — and that there were no exceptions; in other words, the “Reasons for transfer” were grafted on afterwards, as an attempt to justify the largely random rounding-up of prisoners.
6. Evaluation of Detainee’s Account
In this section, the Task Force analyzes whether or not they find the prisoners’ accounts convincing.
7. Detainee Threat
This section is the most significant from the point of view of the supposed intelligence used to justify the detention of prisoners. After “Assessment,” which reiterates the conclusion at 3b, the main section, “Reasons for Continued Detention,” may, at first glance, look convincing, but it must be stressed that, for the most part, it consists of little more than unreliable statements made by the prisoners’ fellow prisoners — either in Guantánamo, or in secret prisons run by the CIA, where torture and other forms of coercion were widespread, or through more subtle means in Guantánamo, where compliant prisoners who were prepared to make statements about their fellow prisoners were rewarded with better treatment. Some examples are available on the homepage for the release of these documents: http://wikileaks.ch/gitmo/
With this in mind, it should be noted that there are good reasons why Obama administration officials, in the interagency Guantánamo Review Task Force established by the President to review the cases of the 241 prisoners still held in Guantánamo when he took office, concluded that only 36 could be prosecuted.
The final part of this section, “Detainee’s Conduct,” analyzes in detail how the prisoners have behaved during their imprisonment, with exact figures cited for examples of “Disciplinary Infraction.”
8. Detainee Intelligence Value Assessment
After reiterating the intelligence assessment at 3b and recapping on the prisoners’ alleged status, this section primarily assesses which areas of intelligence remain to be “exploited,” according to the Task Force.
9. EC Status
The final section notes whether or not the prisoner in question is still regarded as an “enemy combatant,” based on the findings of the Combatant Status Review Tribunals, held in 2004-05 to ascertain whether, on capture, the prisoners had been correctly labeled as “enemy combatants.” Out of 558 cases, just 38 prisoners were assessed as being “no longer enemy combatants,” and in some cases, when the result went in the prisoners’ favor, the military convened new panels until it got the desired result.