WikiLeaks Will Share CIA's Hacking Secrets

WikiLeaks plans to share details about what it says are CIA hacking tools with the tech companies so that software fixes can be developed.

But will software companies want it?

The information WikiLeaks plans to share comes from 8,700-plus documents it says were stolen from an internal CIA server. If the data is classified, and it almost certainly is, possessing it would be a crime.

That was underlined by White House press secretary Sean Spicer, who advised tech vendors to consider the legal consequences of receiving documents from WikiLeaks.

“If a program or a piece of information is classified, it remains classified regardless of whether or not it is released into the public venue or not,” he said. “There’s a reason that we have classification levels, and that’s to protect our country and our people.”

However, his comments aren’t sitting well with some legal experts.

“The idea that the government might stand in the way of companies fixing vulnerabilities that have already been disclosed is remarkable, and reckless,” Patrick Toomey, an attorney with the American Civil Liberties Union, said in an email.

Cindy Cohn, an attorney and executive director at the Electronic Frontier Foundation said using US law to penalise vendors would be a "gross misuse."

US laws about security clearances on classified documents were never designed with software patching in mind, she said.

“It would be really wrong-headed for the government to go after these companies for simply trying to make their technologies more secure,” Cohn said. “It’s exactly the opposite of what the US government should be doing.”

To-date, the CIA hasn’t confirmed whether any of the documents published by Wikileaks are legitimate, but there is widespread belief they are.

WikiLeaks contained information on numerous exploits aimed at smartphones, PCs and software from major vendors including Apple, Google and Microsoft, but the source code for the attack tools wasn't published.

WikiLeaks founder Julian Assange said tech vendors would be given “exclusive access” to the tools, so they could learn how to better secure their products.

“WikiLeaks has a lot more information on what has been going on with the (CIA) cyber-weapons program,” Assange said.

And there's another worry: If WikiLeaks managed to get its hands on the data, it could be elsewhere too, increasing the risk that companies and consumers are being watched online.

So the US government should be helping tech vendors patch the vulnerabilities involved in the leak, said John Bambenek, manager of threat systems at Fidelis Cybersecurity.

“Right now, there’s only risk and no reward,” Bambenek said. “We need to fix that risk.”

It's unclear when WikiLeaks plans to begin sharing the information.

Vendors including Microsoft, along with the security firms Avira and Comodo, said that WikiLeaks hasn’t contacted them yet. 

“Our preferred method for anyone with knowledge of security issues, including the CIA or WikiLeaks, is to submit details to us at secure@microsoft.com,” Microsoft said in an email.  

Others such as antivirus vendor Bitdefender said they expect WikiLeaks to reach out to them probably over the following days.

“If WikiLeaks do want to reach out to us, we are always grateful for an opportunity to make our products even better,” the company said in an email.

Computerworld

The CIA Has Lost Control Of Its Cyber Weapon Documents:

CIA Silent about Wikileaks Agency Files:

WikiLeaks Dump Shines Light On US Intelligence’s Zero-Day Policy:

 

 

« Here Comes China’s Crypto-Currency
Cyber Insurance: 7 Questions To Ask »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Phoenix TS

Phoenix TS

Phoenix TS offers world-class management, computer, and IT security certification training courses.

MaxMind

MaxMind

MaxMind is an industry-leading provider of IP intelligence and online fraud detection tools.

Cyber Akademie (CAk)

Cyber Akademie (CAk)

Cyber Akademie is a training and education center providing high-quality training and information events on information security and data protection.

PlainID

PlainID

PlainID provides IAM teams with a simple and intuitive means to control their organization’s entire authorization process.

SySS

SySS

SySS is a market leader in penetration testing in Germany and Europe.

Institute for Cyber Security Innovation - Royal Holloway

Institute for Cyber Security Innovation - Royal Holloway

The Institute for Cyber Security Innovation aims to bring together Academia, Industry and Government to be a catalyst for applied research and innovation in cyber security policy and solutions.

GuardianKey

GuardianKey

GuardianKey is a solution to protect systems against authentication attacks.

MISP Project

MISP Project

The MISP threat sharing platform is a free and open source software helping information sharing of threat intelligence including cyber security indicators.

DeepView

DeepView

DeepView delivers a unified platform for managing risk on digital platforms. One interactive secure portal allowing employees to engage their networks securely and compliantly.

Redwall Technologies

Redwall Technologies

Redwall provides cybersecurity expertise and technology to prevent and respond to emerging threats against mobile applications and connected infrastructures.

xMatters

xMatters

xMatters is a digital service availability platform that helps enterprises prevent, manage, and resolve IT incidents before they can become business problems.

Appsec Phoenix

Appsec Phoenix

Appsec Phoenix is an end to end vulnerability management platform that focuses on workflows, threat feed, and real time data.

Tetra Defense

Tetra Defense

Tetra Defense is a leading incident response, cyber risk management and digital forensics firm.

BlockAPT

BlockAPT

BlockAPT, empowering you with an advanced, intelligent cyber defence platform. We protect our customers digital assets by unifying operational technologies against advanced persistent threats.

Tetrate.io

Tetrate.io

Tetrate Service Bridge provides enterprises with a consistent, unified way to connect and secure services across an entire mesh-managed environment.

Dispel

Dispel

Dispel makes the fastest secure remote access for industrial networks. Built by operators for operators: a zero trust engine for your entire OT, IoT, and xIoT stack.