WikiLeaks has claimed it has reached out to tech firms, including Google, Apple, Microsoft, Mozilla and MicroTik regarding alleged CIA cyberweapons and malware. The whistle-blowing platform tweeted it has made contact to help firms "protect users against CIA malware".
Founder Julian Assange had previously vowed to provide tech firms with "exclusive access" to WikiLeaks' trove of alleged CIA hacking tools, in efforts to help firms issue out security patches to protect customers. However, as of last weekend, WikiLeaks was yet to deliver on its promise. Reports claimed that Google and Microsoft were yet to be contacted by the transparency platform. A Microsoft spokesperson had also claimed that the firm preferred that those with knowledge of security issues contact them via a secure email address.
However, a Microsoft spokesperson has confirmed that WikiLeaks has reached out to the firm. "WikiLeaks has made initial contact with us via firstname.lastname@example.org," the Microsoft spokesperson told The Register.
Google, Samsung, Apple and Microsoft, all whose products are allegedly affected by the CIA hacking tools have previously claimed that they were looking into the issue. Google and Apple claimed to have already issued out patches as part of their latest security updates, to protect customers from potential harm from security flaws disclosed by WikiLeaks.
There has been no official comment or confirmation from Silicon Valley giants about WikiLeaks having contacted them regarding CIA cyberweapons. The legitimacy of the leaked details on CIA's hacking tools and techniques is yet to be verified by the spy agency or by other security specialists.
Meanwhile, investigators looking into how WikiLeaks got its hands on the alleged classified data, suspect that CIA contractors, disgruntled over recent job losses, may have handed over sensitive material to the whistle-blowing platform. Authorities have reportedly questioned several CIA contractors and have honed in on a small group of developers working with the spy agency's engineering department, which is responsible for developing cyber tools for operations.
It remains unclear, however, as to how effective WikiLeaks' offer to help tech firms develop security patches and protect users against potential threats, may be in reality. The Shadow Brokers' NSA cyberweapons dump saw firms like Cisco scramble to issue patches before vulnerabilities cold be exploited by malicious hackers. Given that WikiLeaks has indicated that its Vault 7 dump is only a miniscule part of a much larger dump, the possibilities of security flaws being exploited by hackers may be higher than expected.