Wikileaks’ publication of documents detailing CIA hacking tools has prompted calls for government to control spy agencies’ use of vulnerabilities in widely used hardware and software
A digital rights group has called on government to regulate the way their intelligence agencies hoard and use vulnerabilities that affect devices owned by millions of ordinary people.
The call comes after Wikileaks published details of US Central Intelligence Agency (CIA) hacking tools that exploit zero-day vulnerabilities in most desktop and mobile operating systems .
“While targeted surveillance is a legitimate aim, we need to know that government regulation of this area is sufficient,” said Open Rights Group campaigner Ed Johnson-Williams
“From what we learnt during the passage of the Investigatory Powers Act , it appears that the ‘creation’ of techniques is not really regulated at all,” he wrote in a blog post .
The leaked CIA documents indicate that US intelligence agencies are working with the UK to stockpile vulnerabilities that can be used on Microsoft Windows, Mac and Linux computers ,as well as iOS and Android smartphones and smart TVs.
In the light of the fact that many of the vulnerabilities disclosed came from UK intelligence agencies, Johnson-Williams said the UK government has serious questions to answer, such as:
Johnson-Williams said while the spy agencies will use these vulnerabilities for targeted surveillance, the same vulnerabilities can also be discovered and exploited by criminals and other countries’ intelligence agencies.