Friday, March 29, 2024 | Ramadan 18, 1445 H
clear sky
weather
OMAN
25°C / 25°C
EDITOR IN CHIEF- ABDULLAH BIN SALIM AL SHUEILI

Wikileaks’ CIA hacking dump sends tech firms scrambling for fixes

949536
949536
minus
plus

prying eyes: Documents reveal CIA’s capacity to hack all manner of devices -


FRANKFURT: Tech companies must rapidly step up information sharing to protect users from prying eyes, a security software executive said on Wednesday after WikiLeaks released a trove of documents detailing the CIA’s capacity to hack all manner of devices.


Dozens of firms rushed to contain the damage from possible security weak points following the anti-secrecy organisation’s revelations, although some said they needed more detailed information on what the US intelligence agency was up to before they can thwart suspected, but previously hidden attacks.


Sinan Eren, vice-president of Czech anti-virus software maker Avast, called on mobile software makers Apple and Google to supply security firms with privileged access to their devices to offer immediate fixes to known bugs.


“We can prevent attacks in real time if we were given the hooks into the mobile operating system,” Eren said in a phone interview from Silicon Valley, where he is located.


“If we can drive a paradigm shift where mobile platforms don’t shut off access, we’ll be better able to detect when hackers are hiding in a mobile (phone),” he said.


Avast, which counts more than 400 million users of its anti-virus software worldwide, was named in the Wikileaks documents as one of the security vendors targeted by the CIA in a leaked page labelled “secret” but with no further details.


The leaks — which Wikileaks described as the biggest in the Central Intelligence Agency’s history — had enough technical details for security experts and product vendors to recognise widespread compromises exist. However, they provided few specifics needed to offer quick fixes.


Reuters could not immediately verify the validity of the published documents, but several contractors and private cyber security experts said the materials appear to be legitimate.


The 8,761 leaked documents list a wealth of security attacks on Apple and Google Android smartphones carried by billions of consumers, as well as top computer operating systems — Windows, Linux and Apple Mac — and six of the world’s main web browsers.


Apple said in a statement that nearly 80 per cent of iPhone users run its current iOS software with the latest security patches. “Many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities,” Apple said on Tuesday. The statement made no reference to attacks on its computer software.


Google did not immediately respond to a request for comment, while a Microsoft spokeswoman said: “We’re aware of the report and are looking into it.”


Widely-used routers from Silicon Valley-based Cisco were listed as targets, as were those supplied by Chinese vendors Huawei and ZTE and Taiwanese supplier Zyxel for their devices used in China and Pakistan.


Cisco security team members said in a blog post that because WikiLeaks has not released any of the actual hacking exploits “the scope of action that can be taken by Cisco is limited”.


Omar Santos, a principal engineer in Cisco’s security response unit, said malware appears to be targeting whole families of Cisco devices but is designed to remain hidden so as to steal data unnoticed. He said Cisco assumes WikiLeaks will eventually disclose the hacks, allowing it to fix them. — Reuters


SHARE ARTICLE
arrow up
home icon