While these are consumer devices and the CIA isn't a corporate rival trying to steal business secrets, large enterprises and the cyber security companies that protect their networks have reason to take note.
Wireless phones are integral parts of corporate and government networks, and many enterprises have bring-your-own-device policies that connect personal cell phones -- and their vulnerabilities -- to systems containing sensitive data.
WikiLeaks late Tuesday released a collection of documents totaling 7,818 pages which detail the government's alleged efforts to hack into, monitor and, in some cases, remotely control popular devices including iPhones, Android devices and Samsung (SSNLF) smart TVs.
A single news cycle worth of cyber paranoia isn't enough to drive significant changes in corporate security, JMP Securities analyst Erik Suppiger said, but it certainly serves as a reminder of what enterprises must guard against.
Editor's pick: This article was originally published on March 8.
"Something like this could raise awareness at the board level that enterprises need to be very careful about what exactly is going on on their networks that they don't know about" he said. "Obviously they are using cell phones so there is certainly some reason for them to be more aware of it."
A number of firms could provide means for finding out if the CIA or another intruder has hacked its way into a corporate network.
"FireEye (FEYE) does a lot of forensic work for enterprise accounts that are concerned that someone is on their network," Suppinger said.
Another is Cyberark (CYBR) . "They also provide controls over whether hackers have penetrated some of the privileged, sensitive accounts that have critical access to assets," the analyst said.
Imperva (IMPV) provides security and monitoring for database activity, and could pick up on signs that someone had breached corporate systems.
Fears from the latest WikiLeaks data dump may be overblown. The CIA's new hacking program is not as widespread as the government campaign that Edward Snowden exposed.
Encryption still works, Symantec (SYMC) security czar Tarah Wheeler and University of Pennsylvania Ph.D candidate Sandy Clark wrote in a piece on Medium. The CIA had tapped vulnerabilities in mobile phones to access communications prior to encryption. The authors likened the technique to hiding in a room and eavesdropping on a conversation that occurred over a secure phone line.
"You're hearing the information before it's ever encrypted and sent, so the voices are entirely in the open," Wheeler and Clark wrote. "Even worse, if you're able to see over someone's shoulder to a 2-way text conversation on their phone or laptop, it doesn't matter if the information was encrypted in transit if you're already seeing everything that happens on the device.
If the CIA also used email fraud, or phishing, Suppinger said, Proofpoint (PFPT) could get more attention.
"The reality is that email is the number one tool for targeting individuals," Suppinger said, regarding spear phishing messages that trick the recipients into disclosing information or clicking on a link that introduces malware to their systems.