Sun Sentinel Palm Beach Edition
WikiLeaks could help tech firms, but will it?
Group says it might share details of CIA hacking methods
WASHINGTON — The anti-secrecy group WikiLeaks raised the prospect Wednesday of sharing sensitive details it uncovered about CIA hacking tools with leading technology companies whose flagship products and services were targeted by the government’s hacker-spies.
If that sharing should take place, the unusual cooperation would give companies like Apple, Google, Microsoft, Samsung and others an opportunity to identify and repair any flaws in their software and devices that were being exploited by U.S. spy agencies and some foreign allies, as described in nearly 9,000 pages of secret CIA files WikiLeaks published Tuesday.
The documents, which the White House declined anew Wednesday to confirm as authentic, describe clandestine methods for bypassing or defeating encryption, antivirus tools and other protective security features for computers, mobile phones and smart TVs. They include the world’s most popular technology platforms, including Apple’s iPhones and iPads, Google’s Android phones and the Microsoft Windows operating system for desktop computers and laptops.
“This is the kind of disclosure that undermines our security, our country and our well-being,” White House spokesman Sean Spicer said. “This alleged leak should concern every single American.”
Spicer defended thencandidate Donald Trump’s comment in October 2016 — “I love WikiLeaks!” — after it published private, politically damaging emails from Hillary Clinton’s campaign manager during the presidential campaign. Spicer said there was a “massive, massive difference” between WikiLeaks publishing stolen, personal emails of a political figure and files about national security tools used by the CIA.
The CIA has declined to confirm that the documents are authentic. But on Wednesday, the agency said Americans should be “deeply troubled” by the disclosures.
WikiLeaks has not released the actual hacking tools themselves, some of which were developed by government hackers while others were purchased from outsiders.
A message seeking additional details from WikiLeaks was not immediately returned, and an attempt to speak to founder Julian Assange at the Ecuadorean Embassy in London on Tuesday was rebuffed.
Security experts said WikiLeaks was obligated to work privately with technology companies to disclose previously unknown software flaws, known as zero-day vulnerabilities because consumers would have no time to discover how to defend themselves against their use, and with companies that design protection software. WikiLeaks has said the latest files apparently have been circulating among former U.S. government hackers and contractors.
“The clear move is to notify vendors,” said Chris Wysopal, co-founder and chief technology officer of Veracode Inc. “If WikiLeaks has this data then it’s likely others have this data, too. The binaries and source code that contain zero days should be shared with people who build detection and signatures for a living.”
The political fallout and damage to U.S. intelligence operations was still being assessed. The former head of the CIA and National Security Agency, Michael Hayden, sought to assure people the U.S. would use such cyber weapons only against foreign targets.
“I can tell you that these tools would not be used against an American,” Hayden said Tuesday night on “The Late Show with Stephen Colbert.”
“But there are people out there that you want us to spy on.”
Some vendors were already sifting through the disclosures to fix flaws in their software. The first confirmed patch came from Avira Operations GmbH & Co., a German antivirus vendor, which told The Associated Press it fixed what it described as “a minor vulnerability” within a few hours of the WikiLeaks release.
Apple said many of its security vulnerabilities disclosed by WikiLeaks were already fixed. In a statement late Tuesday, it said its initial analysis showed that the latest version of the iOS system software for iPhones and iPads fixed many of those flaws. Apple said it will “continue work to rapidly address any identified vulnerabilities.”
Google hasn’t commented.
The new releases are all the more remarkable given that WikiLeaks’ founder Assange is midway through his fifth year at the Ecuadorean Embassy.
Meanwhile, the upcoming second round of Ecuador’s presidential contest may mean Assange’s welcome at the embassy is wearing thin. The frontrunner in the race, Guillermo Lasso, has said he would evict Assange, an action Assange says could eventually lead to his extradition to the United States.