A week ago WikiLeaks released a series of documents in a leak known as Vault 7, incriminating the Central Intelligence Agency of hoarding zero day exploits and hacking tools rather than reporting them to their respective companies in order to help patch the vulnerabilities. The CIA was exposed by WikiLeaks for not revealing these exploits to many large companies like Apple, Microsoft, and even Google, in an 8,761 document long leak.
However, after making a statement that he was going to work with these companies to help them, it would seem the founder of Wikileaks, Julian Assange, has gone back on his promise. Days after announcing this collaboration Assange made contact with the companies, but not in the manner of which they were expecting. In his email, rather than give details on the leaks and vulnerabilities he made a series of demands still unclear to the public. The only demand known currently is that the tech companies must have a patch for all the vulnerabilities ready within a three month window.
What is even more unknown is whether or not the companies plan to meet the mystery demands of Assange. Some companies seem to be pretty confident recent updates that have been pushed out have neutralized the exploits that were previously available. Without the knowledge WikiLeaks possesses however, no one can be particularly sure.
What is even further unsettling is the CIA’s silence on the matter. The CIA has made seemingly no effort to cooperate with the companies involved in order to patch the zero days. It almost seems as if the CIA would rather stay silent than work with the companies to patch the vulnerabilities they know of.
What happens next no one can really know. With these leaks in full bloom could we see another incident like Heartbleed or the Yahoo hack? Leave your thoughts in the comments below.