On Friday, WikiLeaks tweeted out a statement from Julian Assange criticizing companies that have not responded to an offer to help with vulnerabilities the CIA is potentially exploiting. While companies like Mozilla have responded, Assange says Google and others have not because of their dealings with the federal government.
Update on CIA #Vault7 "zero day" software vulnerabilities
— WikiLeaks (@wikileaks) March 18, 2017
On March 7, WikiLeaks published part one of “Year Zero,” a series of publications on the inner workings of the CIA. WikiLeaks says the documents show that the CIA intentionally hoarded vulnerabilities to software and popular tech in order to exploit it for their cyber arsenal — an arsenal that may not be that secure.
WikiLeaks also asserts that the CIA’s Center for Cyber Intelligence has developed numerous “backdoors, exploits, malicious payloads, trojans, viruses” to access remotely the most popular smart devices and exploit their operating systems. Yet, according to Assange, companies like Google have not replied to WikiLeaks about these revelations for one specific reason.
“Most of these lagging companies have conflicts of interest due to their classified work for U.S. government agencies,” Assange states. “In practice such associations limit industry staff with U.S. security clearances from fixing security holes based on leaked information from the CIA.”
He added this warning: “Should such companies choose to not secure their users against CIA or NSA attacks users may prefer organizations like Mozilla or European companies that prioritize their users over government contracts.”
WikiLeaks plans to create a league table that will compare companies’ responsiveness and government entangles for consumers to consider and decide for themselves. Assange said WikiLeaks will have more to say about the matter this week.