News, views and top stories in your inbox. Don't miss our must-read newsletter Sign up Thank you for subscribing We have more newsletters Show me See our privacy notice Invalid Email

A massive trove of documents, detailing how the CIA hacks into electronic devices to spy on the world's citizens, has been published online by WikiLeaks.

The trove of documents, code-named Vault 7, represents the most comprehensive release of US spying files ever made public, according to WikiLeaks founder Julian Assange.

There are 8,761 documents in total - far more pages than the Edward Snowden files that exposed the vast hacking power of the NSA and other intelligence agencies in 2013.

Assange claims this trove is just the first in a series of "Year Zero" leaks.

(Image: PA)

Here's what you need to know about Vault 7:

What is 'Vault 7'?

Vault 7 is a trove of 8,761 confidential documents, which has been obtained by WikiLeaks.

It contains evidence that the CIA has been building its own "fleet of hackers" since 2001, and that these hackers have been developing cyber weapons to spy on people through their own phones, computers and smart TVs.

The documents also include details of the cyber weapons themselves - including more than a thousand hacking systems, trojans, viruses, and other "weaponised" malware.

This amounts to more than several hundred million lines of code, giving the possessor of Vault 7 "the entire hacking capacity of the CIA", according to Wikileaks.

Where do the documents come from?

The documents were obtained from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Virgina.

The archive appears to have been circulated among former US government hackers and contractors - one of whom has provided WikiLeaks with portions of the archive.

WikiLeaks has not revealed the identity of its source.

What has been published?

Once a single cyber weapon is "loose" it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

As a result, WikiLeaks has refrained from publishing the code for the "armed" cyber weapons themselves, until a consensus is reached on how these weapons should be analysed, disarmed and published.

Wikileaks has also anonymised some identifying information, including the names, email addresses and IP addresses of tens of thousands of CIA targets and attack machines throughout Latin America, Europe and the United States.

What time period is covered?

The documents were all created between 2013 and 2016.

WikiLeaks has obtained the CIA's creation date and last modification date for each page, but these do not appear on the documents for technical reasons.

What gadgets are affected?

The CIA's malware arsenal allows it to hack into a wide range of US and European company products, including Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs.

(Image: REUTERS)

Some of the cyber weapons allow CIA operatives to turn on the microphone remotely, transforming these gadgets into covert listening devices.

The CIA has also developed automated multi-platform malware attack and control systems to target Windows, Mac OS X, Solaris and Linux machines.

What laws have the CIA broken?

One of the CIA's alleged misdemeanours is "hoarding" so-called zero day vulnerabilities, rather than disclosing them to Apple, Google, Microsoft, and other US-based manufacturers.

If the manufacturers don't know about the vulnerabilities, they can't fix them, which means there's nothing to stop foreign intelligence or cyber criminals discovering the vulnerabilities independently and exploiting them for their own ends.

In the wake of Edward Snowden's leaks about the NSA, the Obama administration committed to the Vulnerabilities Equities Process , which states that all vulnerabilities discovered after 2010 must be disclosed.

The Vault 7 documents show that the CIA breached the Obama administration's commitments, placing huge swathes of the US population and critical infrastructure at risk.

"By hiding these security flaws from manufacturers like Apple and Google the CIA ensures that it can hack everyone, at the expense of leaving everyone hackable," WikiLeaks states.

What is the purpose of the leak?

WikiLeaks claims the source of the leak wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.

The source has complied a list of policy questions that they say urgently need to be debated in public - including whether the CIA's hacking capabilities exceed its mandated powers, and the problem of public oversight of the agency.

Why now?

WikiLeaks claims it published the Vault 7 as soon as its verification and analysis were ready.

(Image: Getty)

Although the Trump administration issued an Executive Order in February, calling for a "cyberwar" review, Wikileaks claims this did not play a role in setting the publication date.

However, it admits that the review "increases the timeliness and relevance of the publication".

What about the rest of the Year Zero documents?

WikiLeaks has not said when it plans to publish the rest of the Year Zero documents.

However, WikiLeaks describes Vault 7 as "the first full part of the series", suggesting there are several more instalments to come.