Will WikiLeaks share hacking tool data?
WASHINGTON — The anti-secrecy group WikiLeaks raised the prospect Wednesday of sharing sensitive details it uncovered about CIA hacking tools with leading technology companies whose flagship products and services were targeted by the government’s hacker-spies.
If that sharing should take place, the unusual cooperation would give companies like Apple, Google, Microsoft, Samsung and others an opportunity to identify and repair any flaws in their software and devices that were being exploited by U.S. spy agencies and some foreign allies, as described in nearly 9,000 pages of secret CIA file, WikiLeaks published Tuesday.
The documents, which the White House declined anew Wednesday to confirm as authentic, describe clandestine methods for bypassing or defeating encryption, antivirus tools and other protective security features for computers, mobile phones and even smart TVs. They include the world’s most popular technology platforms, including Apple’s iPhones and iPads, Google’s Android phones and the Microsoft Windows operating system for desktop computers and laptops.
The CIA has declined to confirm that the documents are authentic. But on Wednesday, the agency said Americans should be “deeply troubled” by the disclosures.
CNN reported that the FBI and CIA “are coordinating reviews of the matter.”
WikiLeaks has not released the actual hacking tools themselves, some of which were developed by government hackers while others were purchased from outsiders. The group indicated it was still considering its options, but said in a statement Wednesday: “Tech companies are saying they need more details of CIA attack techniques to fix them faster. Should WikiLeaks work directly with them?” It wasn’t clear whether WikiLeaks — a strident critic of Google and Facebook, among others — was serious about such action.
Some vendors were already sifting through the disclosures to fix flaws in their software. The first confirmed patch came from Avira Operations GmbH & Co., a German antivirus vendor. Also, Apple, and later Google, said they believed that security vulnerabilities disclosed by WikiLeaks were already fixed.