Presenting Silicon Valley with a potential dilemma on how to deal with the anti-secrecy group, Wikileaks founder Julian Assange said that it will provide technology companies with exclusive access to CIA hacking tools that it possesses so they can patch software flaws.
In order to share cyber vulnerabilities stockpiled by a secretive U.S. spy agency, technology companies will be placed in the unusual position of relying on Assange if the offer is legitimate.
How WikiLeaks intended to cooperate with the companies was not clear. Secret Central Intelligence Agency hacking tools and snippets of computer code were described in documents published by the group on Tuesday. In order to actually conduct cyber exploits against phones, computers and Internet-connected televisions there is need for full programs which were not published by it
“Considering what we think is the best way to proceed and hearing these calls from some of the manufacturers, we have decided to work with them to give them some exclusive access to the additional technical details that we have so that the fixes can be developed and pushed out, so people can be secure,” Assange said during an online press conference from the Ecuadorean embassy in London.
To avoid extradition to Sweden over allegations of rape, which he denies, Assange took refuge at the embassy in 2012.
They welcomed submissions of any vulnerabilities through normal reporting channels, said Microsoft Corp and Cisco Systems Inc, whose wares are subject to attacks described in the documents, in response to Assange.
“We’ve seen Julian Assange’s statement and have not yet been contacted,” a Microsoft representative said. “Our preferred method for anyone with knowledge of security issues, including the CIA or Wikileaks, is to submit details to us at firstname.lastname@example.org so we can review information and take any necessary steps to protect customers.”
Requests for comments by the media were not answered by representatives of Alphabet Inc’s Google, Apple Inc, Samsung Electronics Co Ltd and Huawei, whose products were also featured in the CIA catalog.
“As we’ve said previously, Julian Assange is not exactly a bastion of truth and integrity,” said CIA spokesman Jonathan Liu, in a statement responding to Assange.
“Despite the efforts of Assange and his ilk, CIA continues to aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states and other adversaries.”
Confidence that their recent security updates have accounted for the purported flaws described in the CIA documents, has already been expressed by several companies. “Many of the issues” leaked had already been patched in the latest version of its operating system, Apple said in a statement on Tuesday.
Debate about whether U.S. intelligence agencies should hoard serious cyber security vulnerabilities rather than share them with the public has been reignited by the publication of the documents by WikiLeaks. Erring on the side of disclosure was called for by an interagency process created under former President Barack Obama.
(Adapted from Reuters)