Wikileaks has released new files part of the Vault 7 series it claims it obtained from the CIA. The files dumped online yesterday reveal details about the inner workings of a biometrics system developed by the CIA, and which the agency has provided to various liaison services, such as the DHS, FBI, and NSA.
Documents details a tool named ExpressLane that the CIA uses to ensure that fellow liaison agencies share the collected biometrics with the CIA.
According to the files, the CIA designed its biometrics database in such a way that the entire system ceases to work after six months if a CIA operative doesn’t visit the liaison agency to install an update.
This update does not take place. The CIA operative that visits these liaison agencies inserts a USB device that runs the ExpressLane tool.
This app shows a splash screen that mimics an update status bar. In reality, ExpressLane collects all the new biometrics data recorded since the last visit. In addition, ExpressLane also prolongs the biometrics database kill date with another six months or any custom period of time.
ExpressLane’s purpose is to make sure that other US agencies play fair with the CIA and share all the data they collect, otherwise, the CIA bricks its remote biometrics databases.
ExpressLane works together with another tool called ExitRamp, which is used to extract the biometrics data from the ExpressLane USB.
According to the leaked documents, ExpressLane was developed for the CIA’s Directorate of Science and Technology (DST) and was used by two of its departments — the Office of Technical Services (OTS) and Identity Intelligence Center (I2C).
WikiLeaks claims that ExpressLane was co-developed together with US biometrics vendor CrossMatch, who is also known to provide other types of biometrics solutions to US law enforcement agencies. This is the same company that in 2011 claimed the US used one of its tools to identify and locate Osama Bin Laden.
Today's dump is part of a larger series called Vault 7 contains documents WikiLeaks claims were stolen from the CIA by hackers and insiders. You can follow the rest of our WikiLeaks Vault 7 coverage here. Below is a list of the most notable WikiLeaks "Vault 7" dumps: