When firewalls, network-monitoring services, and antivirus software aren’t enough, there’s always been one surefire way to protect computers that control sensitive operations like power grids and water pumps: cut them off from the internet entirely. But new documents published by WikiLeaks on June 22 suggest that even when such extreme measures are taken, no computer is safe from motivated, well-resourced hackers.

The 11 documents describe a piece of software called “Brutal Kangaroo,” a set of tools built for infiltrating isolated, “air-gapped” computers by targeting internet-connected networks within the same organization. It’s the latest publication in the “Vault 7” series of leaked documents, which describe myriad hacking tools WikiLeaks says belong to the US Central Intelligence Agency (CIA).

Brutal Kangaroo works by creating a digital path from an attacker to an air-gapped computer and back. The process begins when a hacker remotely infects an internet-connected computer in the organization or facility being targeted. Once it has infected that first computer, what the documents refer to as the “primary host,” Brutal Kangaroo waits. It can’t spread to other systems until someone plugs a USB thumb drive into that first one.

“Emotional Simian,” a tool for packaging malware described in the Brutal Kangaroo documents Photo by: (WikiLeaks) “Emotional Simian,” a tool for packaging malware described in the Brutal Kangaroo documents

Once someone does, malware specific to the make and model of the thumb drive is copied onto it, hiding in modified LNK files that Microsoft Windows uses to render desktop icons, and in DLL files that contain executable programs. From this point, Brutal Kangaroo will spread further malware to any system that thumb drive is plugged into. And those systems will infect every drive that’s plugged into them, and so on, and the idea is that eventually one of those drives will be plugged into the air-gapped computer.

The major flaw in the concept of isolating sensitive computers is that the air gap around them can only be maintained if no one ever needs to copy files onto or off of them. But even for specialized systems, there are always updates and patches to install, and information that has to be fed in or pulled out. It’s common knowledge among IT specialists that external hard drives are an obvious target for anyone seeking to break the air gap, and precautions are presumably taken in facilities with diligent IT specialists. Those precautions, however, can be subverted with exploitations of obscure vulnerabilities, and sometimes mistakes simply happen.

If a thumb drive infected with Brutal Kangaroo is plugged into an air-gapped computer, it immediately copies itself onto it. If a user tries to browse the contents of the infected drive on that computer, it will trigger additional malware that will collect data from the computer. As users continue plugging the drive into connected and disconnected computers, a relay is formed, ultimately creating a slow path back to the hacker, through which data copied from the air-gapped computer will be delivered if everything goes according to plan.

Many details described in the Brutal Kangaroo documents have drawn comparisons to Stuxnet, the powerful malware reportedly developed by the US and Israel to sabotage Iran’s nuclear program. Stuxnet was specifically built to target air-gapped computers that controlled centrifuges in an Iranian nuclear facility. The attackers in that case did not target an internet-connected network within the nuclear facility, presumably because there wasn’t one, but instead targeted five outside organizations, according to a 2014 report in Wired. From there, however, the attack worked in much the same way as the methods described in the Brutal Kangaroo documents: Stuxnet also spread through thumb drives, hid in LNK files, and attempted to create a relay to send information back to the attackers.

Stuxnet was eventually discovered by security researchers because it was too powerful, and spread to far more computers than its creators apparently wanted it to. The developers of Brutal Kangaroo appear to have taken a lesson from that, and described several checks in their documents that will stop it from spreading if certain factors are met. Every time it lands on a new computer, Brutal Kangaroo first checks the computer’s date. If it is past a date hard-coded into the malware, “the program will immediately exit,” according to the documents. It also checks some sort of “black list,” and will quit if the computer is on it. It will also quit Brutal Kangaroo “if the computer had been seen before.”

The Brutal Kangaroo documents are only the latest revelation about what the CIA’s hackers are allegedly capable of. Previous Vault 7 publications have included documents that suggest the agency can turn smart TVs into listening devices, hack various desktop and mobile operating systems, and monitor internet traffic by breaking into home wifi routers. In April, Symantec matched several tools described in the releases to invasive software it had been tracking since 2014. That malware had infected at least 40 targets in 16 countries since 2011, the company said in a blog post, and was possibly active as far back as 2007.

The CIA has not confirmed its ownership of the documents or tools, but as Motherboard pointed out last March, US officials said in court that the documents contain classified information, suggesting that the leaks are in fact authentic.