WikiLeaks looks at helping tech vendors disarm CIA hacking tools
Credit to Author: Michael Kan| Date: Thu, 09 Mar 2017 03:57:00 -0800
WikiLeaks has attracted plenty of haters over its controversial disclosures. But the site may be in a unique position to help tech vendors better secure their products.
That’s because WikiLeaks has published secret hacking tools allegedly taken from the CIA, which appear to target smartphones, smart TVs and PCs.
Companies including Apple and Cisco have been looking through the stolen documents to address any vulnerabilities the CIA may have exploited. However, WikiLeaks might be able to speed up and expand the whole process.
So far, the site hasn’t released the source code to any of the hacking tools. But on Wednesday, WikiLeaks raised the prospect that it might share the sensitive information with tech vendors as a way to quickly patch the vulnerabilities.
“Tech companies are saying they need more details of CIA attack techniques to fix them faster. Should WikiLeaks work directly with them?” the site tweeted out in a poll.
The day before, WikiLeaks said it was holding back from publicly sharing the source code until a consensus emerges over how the hacking tools should be “analyzed, disarmed and published.”
The site wants to prevent CIA-made “cyberweapons” from proliferating, so working with tech vendors could be a way for WikiLeaks to essentially defuse them.
It’s also an offer that tech vendors probably can’t ignore.
“They might have to absolutely work with WikiLeaks,” said Jason Healey, a researcher at Columbia University who studies U.S. policy on vulnerability disclosure.
“How do you tell a shareholder or a user that there’s information on a hole out there, but you didn’t bother to speak with WikiLeaks about it?” he said.
The other danger is that malicious parties might know about the secret CIA hacking tools too.
WikiLeaks hasn’t identified the source behind the stolen documents. But it’s mentioned that former U.S. government hackers and contractors were circulating the confidential data, and that someone among them supplied a copied portion to WikiLeaks.
However, Healey pointed to WikiLeak’s suspected ties to Russian cyberspies as a major area of concern.
Assuming the stolen CIA hacking tools are real, Healey suggests that the U.S. government intervene and help vendors patch the vulnerabilities involved in this particular leak.
“Don’t let [the tech vendors] go to WikiLeaks for the information,” he said. “Let them hear it from the U.S. and not maybe from the Russians.”
Other security experts said that while it’s possible WikiLeaks could be holding on to other secret hacking tools, the document dumps so far haven’t shown anything alarming.
Will Strafach, CEO of Sudo Security Group, said that WikiLeaks has been exaggerating the capabilities of the leaked CIA hacking tools.
For instance, the CIA-developed iOS exploits in the documents show that the hacking tools appear to be largely out-of-date and no longer work on iOS 10 or higher, he said.
“The products are already patched,” he said. “[WikiLeaks is] definitely trying to mislead people here.”
On Wednesday, Google also said it reviewed the stolen documents and is confident that its Android OS can “already shield users from many of these alleged vulnerabilities.”
However, tech vendors didn’t immediately comment on whether they are reaching out to WikiLeaks.
The controversial disclosures apparently won’t win the site any fans from the CIA.
“Such disclosures not only jeopardize U.S. personnel and operations, but also equip our adversaries with tools and information to do us harm,” the agency said in a statement.