WASHINGTON/BERLIN (Reuters) - U.S. intelligence and law enforcement officials said on Wednesday they have been aware since the end of last year of a security breach at the CIA and were focusing on contractors as the likeliest source of documents being passed on to anti-secrecy group WikiLeaks detailing the agency’s hacking tools.
The officials, who spoke on condition of anonymity, told Reuters that they believed documents published by WikiLeaks on Tuesday about CIA techniques used between 2013 and 2016 were authentic.
The documents showed that CIA hackers could get into Apple Inc iPhones, Google Inc Android devices and other gadgets in order to capture text and voice messages before they were encrypted with sophisticated software.
The White House said on Wednesday that President Donald Trump was “extremely concerned” about a CIA security breach that led to the Wikileaks release, and the administration would be tough on leakers.
“Anybody who leaks classified information will be held to the highest degree of law,” spokesman Sean Spicer told reporters.
One official with knowledge of the investigation said companies that are contractors for the CIA have been checking to see which of their employees had access to the material that Wikileaks published, and then going over their computer logs, emails and other communications for any evidence of who might be responsible.
One reason the investigation is focused on a potential leak by contractors rather than for example a hack by Russian intelligence, another official said, is that so far there is no evidence that Russian intelligence agencies tried to exploit any of the leaked material before it was published.
One European official, speaking on condition of anonymity, said the Wikileaks material could in fact lead to closer cooperation between European intelligence agencies and U.S. counterparts, which share concerns about Russian intelligence operations.
U.S. intelligence agencies have accused Russia of seeking to tilt last year’s U.S. presidential election in Trump’s favor, including by hacking into Democratic Party emails. Moscow has denied the allegation.
One major security problem was that the number of contractors with access to information with the highest secrecy classification has “exploded” because of federal budget constraints, the first U.S. official said.
U.S. intelligence agencies have been unable to hire additional permanent staff needed to keep pace with technological advances such as the “Internet of Things” that connects cars, home security and heating systems and other devices to computer networks, or to pay salaries competitive with the private sector, the official said.
Reuters could not immediately verify the contents of the published documents. On Tuesday, several contractors and private cyber security experts said the materials appeared to be legitimate.
A person familiar with Wikileaks’ activities said Wikileaks has had the CIA hacking material for months, and that the release of the material was in the works “for a long time.”
A Congressional official said that the U.S. House of Representatives Intelligence Committee has begun asking questions about the WikiLeaks disclosures.
In Germany on Wednesday, the chief federal prosecutor’s office said that it would review the Wikileaks documents because some suggested that the CIA ran a hacking hub from the U.S. consulate in Frankfurt.
“We’re looking at it very carefully,” a spokesman for the federal prosecutor’s office told Reuters. “We will initiate an investigation if we see evidence of concrete criminal acts or specific perpetrators.”
Chancellor Angela Merkel is scheduled to visit Washington on March 14 for her first meeting with Trump, who has sharply criticized Berlin for everything from its trade policy to what he considers inadequate levels of military spending.
The Wikileaks documents may also complicate bilateral intelligence ties that have just begun to recover after a series of scandals, including news in 2013 that the U.S. National Security Agency had bugged Merkel’s cellphone. The Frankfurt consulate was investigated by German lawmakers after that incident.
Merkel told lawmakers last month she did not know how closely Germany’s spies cooperated with their U.S. counterparts until 2015 when former NSA contractor Edward Snowden revealed the BND spy agency had for years passed on information to the NSA about European companies and politicians.
Germany scaled back the level of cooperation with the NSA after those revelations.
U.S. officials have acknowledged that the consulate in Frankfurt is home to a CIA base. A facility adjacent to the city’s airport and the Rhein-Main Air Base has for many years been home to the CIA’s “Tefran” station, a U.S. center for collecting intelligence on Iranian activities in Europe, maintaining surveillance on Iranian officials and targeting potential defectors working in Iran’s nuclear weapons program.
Foreign ministry spokesman Sebastian Fischer told a regular government news conference that Germany took the issue seriously, but more work needed to be done to verify the authenticity of the documents. Berlin was in close touch with Washington about the case and such matters generally, he said.
Government spokesman Steffen Seibert said Germany’s domestic intelligence agency had the job of uncovering espionage activities in Germany, and carried out its work comprehensively.
Wikileaks reported that CIA employees had been given diplomatic passports and State Department identities to carry out their work in Frankfurt, focused on targets in Europe, the Middle East and Africa. The documents included advice for CIA experts about life in Germany, noting that shops are closed on Sundays, and to have “your cover-for-action story down pat” when they were asked by German authorities when entering the country.