Yesterday, Wikileaks published what it claims is a cache of confidential documents from the United States’ Central Intelligence Agency (CIA), detailing the agency’s hacking and surveillance capabilities. Amongst the key allegations are that the CIA has developed ways to hack connected devices such as televisions, has compromised the operating systems of popular smartphones, and has failed to make product manufacturers aware of security flaws in their products. The Web Foundation – established by the web’s inventor, Sir Tim Berners-Lee – is calling for answers and a response from the US government.
Craig Fagan, Policy Director at the Web Foundation said:
“Governments should be safeguarding the digital privacy and security of their citizens, but these alleged actions by the CIA do just the opposite. Weaponising everyday products such as TVs and smartphones – and failing to disclose vulnerabilities to manufacturers – is dangerous and short-sighted. It puts people around the world at risk of attack from hackers and repressive regimes, and this leak itself shows just how likely such tools are to spread beyond the organisation that developed them.
“Going after devices circumvents the work that has been done to bolster encryption as a safeguard to our data privacy, particularly in the aftermath of past revelations about government surveillance.
“If these new assertions prove true, we call on the Trump administration and other governments to stamp out such practices. The problem is widespread – in 2014 our Web Index research showed that 83% of countries had weak or non-existent safeguards to protect the privacy of online communications. Now is the time to address this – these issues will only magnify as more devices are connected and machine-to-machine communications become even more common.
“The Web Foundation urges governments to take urgent steps to protect our digital privacy and security – including checks and balances to protect citizens from any overreach by security forces. We need political reform – if we try to rely on technical solutions alone, governments will simply stay one step ahead by learning how to crack the technologies. For their part, companies must step up to the plate too – by pressuring governments to make these reforms, while also investing more in device security and encrypting data to and from connected devices by default.”