By Dustin Volz and Eric Auchard
WASHINGTON/FRANKFURT (Reuters) – WikiLeaks will provide technology companies with exclusive access to CIA hacking tools that it possesses, to allow them to patch software flaws, founder Julian Assange said on Thursday.
The offer, if legitimate, could put Silicon Valley in the unusual position of deciding whether to cooperate with Assange, a man believed by some U.S. officials and lawmakers to be an untrustworthy pawn of Russian President Vladimir Putin, or a secretive U.S. spy agency.
It was not clear how WikiLeaks intended to cooperate with technology companies, or if they would accept his offer. The anti-secrecy group published documents on Tuesday describing secret Central Intelligence Agency hacking tools and snippets of computer code. It did not publish the full programs that would be needed to actually conduct cyber exploits against phones, computers and Internet-connected televisions.
Representatives of Alphabet Inc’s Google Apple Inc, Microsoft Corp <MSFT.O> and Cisco Systems Inc <CSCO.O>, all of whose wares are subject to attacks described in the documents, did not immediately respond to requests for comment before regular business hours on the U.S. West Coast.
“Considering what we think is the best way to proceed and hearing these calls from some of the manufacturers, we have decided to work with them to give them some exclusive access to the additional technical details that we have so that the fixes can be developed and pushed out, so people can be secure,” Assange said during a press conference broadcast via Facebook Live.
Responding to Assange’s comments, CIA spokesman Jonathan Liu, said in a statement, “As we’ve said previously, Julian Assange is not exactly a bastion of truth and integrity.”
“Despite the efforts of Assange and his ilk, CIA continues to aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states and other adversaries.”
The disclosures alarmed the technology world and among consumers concerned about the potential privacy implications of the cyber espionage tactics that were described.
One file described a program known as Weeping Angel that purportedly could take over a Samsung smart television, making it appear it was off when in fact it was recording conversations in the room.
Other documents described ways to hack into Apple Inc <AAPL.O> iPhones, devices running Google’s <GOOGL.O> Android software and other gadgets in a way that could observe communications before they are protected by end-to-end encryption offered by messaging apps like Signal or WhatsApp.
Several companies have already said they are confident that their recent security updates have already accounted for the purported flaws described in the CIA documents. Apple said in a statement on Tuesday that “many of the issues” leaked had already been patched in the latest version of its operating system.
WikiLeaks’ publication of the documents reignited a debate about whether U.S. intelligence agencies should hoard serious cyber security vulnerabilities rather than share them with the public. An interagency process created under former President Barack Obama called for erring on the side of disclosure.
President Donald Trump believed changes were needed to safeguard secrets at the CIA, White House spokesman Sean Spicer told a news briefing on Thursday. “He believes that the systems at the CIA are outdated and need to be updated.”
Two U.S. intelligence and law enforcement officials told Reuters on Wednesday that intelligence agencies have been aware since the end of last year of a breach at the CIA, which led to WikiLeaks releasing thousands of pages of information on its website.
The officials, speaking on condition of anonymity, said contractors likely breached security and handed over the documents to WikiLeaks. The CIA has declined to comment on the authenticity of the documents leaked, but the officials said they believed the pages about hacking techniques used between 2013 and 2016 were authentic.
Contractors have been revealed as the source of sensitive government information leaks in recent years, most notably Edward Snowden and Harold Thomas Martin, both employed by consulting firm Booz Allen Hamilton <BAH.N> while working for the National Security Agency.
Assange said he possessed “a lot more information” about the CIA’s cyber arsenal that would be released soon. He criticized the CIA for “devastating incompetence” for not being able to control access to such sensitive material.
Nigel Farage, the former leader of the populist UK Independence Party, visited Assange at the Ecuadorean embassy in London earlier on Thursday. A representative for Farage said he was unaware what was discussed.
Assange has been holed up since 2012 at the embassy, where he fled to avoid extradition to Sweden over allegations of rape, which he denies.
(Reporting by Dustin Volz; Additional reporting by Eric Auchard in Frankfurt, Joseph Menn in San Francisco and Guy Falconbridge in London; Editing by Frances Kerry and Grant McCool)