In a suburb of Cincinnati about 30 minutes north of the Ohio River, right down the street from the local Hooters, a little known subsidiary of defense giant Northrop Grumman works on contracts for the Central Intelligence Agency.
Xetron Corporation, whose products range from military sensors to communications systems to information security software, shows up in nearly 400 documents published earlier this month by WikiLeaks. Those documents describe some of the tools the CIA uses to hack phones, smart TVs, and other digital products to conduct espionage overseas — and some of the partners that help them do it, like Xetron.
Now Xetron employees are facing additional scrutiny in the wake of the WikiLeaks dump, according to one source familiar with the matter, with some of them suddenly pulled in to polygraph examinations. It’s unclear if the government is conducting an active investigation into the company as a potential source of the leaks or if the firm is simply responding to stepped-up security requirements on some of its projects.
According to the source, it typically takes months for contractors to schedule the polygraph examinations required on certain sensitive government contracts — sometimes up to a year. “But if it was really important for a mission it would happen immediately … or [if there’s] concern about the project,” the person said. Another source familiar with Xetron’s operations said being suddenly asked to sit for a polygraph in the context of normal project requirements is unusual. The sources requested anonymity to preserve their employability in the buttoned-up world of defense contracting.
The FBI, Xetron, and Northrop Grumman all declined to comment. “Thank you for reaching out to us. At this time we’re not able to provide a comment on this matter,” Northrop Grumman spokesperson Matt McQueen wrote.
“We have no comment on the authenticity of purported intelligence documents released by WikiLeaks or on the status of any investigation into the source of the documents,” Heather Fritz Horniak, spokesperson for the CIA wrote in an email to The Intercept.
The material released by WikiLeaks show that Xetron provided the CIA with tools to gain unauthorized access to Cisco routers. In one document, Xetron engineers are shown working with “The Bakery” — an unidentified group, possibly a codename for a unit within the CIA — to create “Cinnamon”: a malicious implant for Cisco devices. Another document says that Xetron developed software that routes communications back and forth between computers compromised by the CIA and command servers also controlled by the agency.
Xetron has been sharing hacking techniques with the intelligence community going back to at least 2010, according to documents from NSA whistleblower Edward Snowden. In that year, according to a top-secret schedule, a Xetron representative was slated to present malicious Windows software named “Orca” at one of the CIA’s annual “Jamboree” technology conferences for agency staff and contractors. Orca was designed to circumvent a security feature of Windows that prevented anyone from tampering with programs on a computer hard drive. Orca instead tampered with programs after they had been loaded from the drive into memory.
Our IP Address: