Home United States USA — software UPDATE 1-Wikileaks' CIA hacking dump sends tech firms scrambling for fixes

UPDATE 1-Wikileaks' CIA hacking dump sends tech firms scrambling for fixes

243
0
SHARE

FRANKFURT, March 8- Tech companies must rapidly step up information-sharing to protect users from prying eyes, a security software executive said on Wednesday after WikiLeaks released a trove of data purporting to show that the CIA can hack all manner of devices. “We can…
(Tweaks first paragraph, adds Google declining to comment; changes slug to conform to previous stories)
FRANKFURT, March 8 (Reuters) – Tech companies must rapidly step up information-sharing to protect users from prying eyes, a security software executive said on Wednesday after WikiLeaks released a trove of data purporting to show that the CIA can hack all manner of devices.
Dozens of firms rushed to contain the damage from possible security weak points following the anti-secrecy organization’s revelations, although some said they needed far more information on what the U. S. intelligence agency was up to before they could thwart suspected but previously hidden attacks.
Sinan Eren, vice president of Czech anti-virus software maker Avast, called on mobile software makers Apple and Google to supply security firms with privileged access to their devices to offer immediate fixes to known bugs.
“We can prevent attacks in real time if we are given the hooks into the mobile operating system,” Eren said in a phone interview from Silicon Valley, where he is located.
“If we can drive a paradigm shift where mobile platforms don’t shut off access, we’ll be better able to detect when hackers are hiding in a mobile (phone),” he said.
Avast, which counts more than 400 million users of its anti-virus software worldwide, was named in the WikiLeaks documents as one of the security vendors targeted by the CIA in a leaked page labeled “secret” but lacking further details.
The leaks – which WikiLeaks described as the biggest in the Central Intelligence Agency’s history – had enough technical details for security experts and product vendors to recognize that widespread compromises exist. However, they provided few specifics needed to offer quick fixes.
Reuters could not immediately verify the validity of the published documents, but several contractors and private cyber security experts said the materials appeared to be legitimate.

Continue reading...