“WikiLeaks is trying to carve out a bigger and broader role for itself other than providing information and documentations as they have done in the past. It sounds like they are trying to increase their relevance and their leverage over companies and other organizations,” Carone said.
The professor further said that, as far as information “vulnerability” is concerned, tech companies like Microsoft and Google receive their information from many different sources, so it remains unclear how WikiLeaks differentiates itself from a very rich landscape of companies that provide information like this.
Talking about whether this could be a revenue driven move for WikiLeaks, Carone said that, “If it is revenue they are after, then there is a high bar near it, because the talent out there is extremely significant and they are starting from a point of being simply an information depository. Although they do have significant information from insiders and that could benefit them but I am not sure one can build a business model with this.”
Talking about how the tech companies perceive security breaches, Carone said, “There has always been a debate over how much tech companies spend to implement security on their devices: it costs a lot of money, the talent required to do it is also expensive and it takes a lot of time and it was never a strong business case because companies view security vulnerability from a risk management perspective and so they have accepted some level of risk associated with vulnerabilities in the software they produce and sell.”
According to the Motherboard, citing unnamed sources, WikiLeaks asked for a 90-day disclosure deadline, which would compel companies to commit to issuing a patch within three months.
Earlier the founder of the whistleblowing site Julian Assange said that WikiLeaks seeks to work with tech companies to help them close revealed security gaps. This comes, as the CIA, for now, has apparently made no contact with the tech companies to disclose the vulnerabilities itself.
On March 7, WikiLeaks released the first part of what it called an unprecedentedly large archive of CIA-related classified documents.
According to the website, a large archive comprising various viruses, malware, software vulnerability hacks and relevant documentation, was uncovered by US government hackers, which is how WikiLeaks gained access to some of the data from the trove.