FBI Keeps Internet Flaws Secret to Defend Against Hackers

The Obama administration is letting law enforcement keep computer-security flaws secret in order to further U.S. investigations of cyberspies and hackers.

The White House has carved out an exception for the Federal Bureau of Investigation and other agencies to keep information about software vulnerabilities from manufacturers and the public. Until now, most debate has focused on how the National Security Agency stockpiles and uses new-found Internet weaknesses, known as zero-day exploits, for offensive purposes, such as attacking the networks of adversaries.

The law enforcement operations expose a delicate and complicated balancing act when it comes to agencies using serious security flaws in investigations versus disclosing them to protect all Internet users, according to former government officials and privacy advocates.

“You might have a bad guy using a zero-day to attack a nuclear facility,” Steven Chabinsky, a former deputy assistant director in the FBI’s cybersecurity division, said in a phone interview. “The FBI doesn’t disclose that vulnerability because they don’t want to tip their hand.”...


No comments:

Post a Comment