It’s been a week since leaks of the US government’s PRISM spying program, and information on how the government works with tech companies continues to unfurl. In the latest twist, Bloomberg reports that Microsoft shares details of software flaws with US agencies in advance to aid their cyber-espionage activities.
Microsoft’s software is installed on the systems of countless companies — big and small — and governments worldwide so the claim is not to be taken lightly.
The news agency claims that the ‘heads-up’ is provided to authorities before Microsoft publicly announces software vulnerability and issues. That’s significant because it ”can be used to protect government computers and to access the computers of terrorists or military foes”, according to sources familiar with the process.
The report further claims that other software and Internet security firms provide similar details to the US government.
Two anonymous US officials suggest that the companies are aware of why the government requests the information, but — due to the top-secret nature of the situations — they are unable to query how the information is used. Either way, officials would not be able to explain the motivations on account of the law.
Microsoft has — in part — acknowledged that it supplies such information. Company spokesperson Frank Shaw said the tip-offs give the US government “an early start” to patching its own systems.
Bloomberg further explains that “some U.S. telecommunications companies” freely provide US officials with data that requires a court-issued warrant. It’s alleged that such arrangements are struck at a high level, with few individuals aware.
Intel-owned McAfee is specifically cited as an example. Bloomberg explains that the government would agree to a deal to get specific data at CEO level, with perhaps a small technical team involved in the process to complete the request.
The US government has balked at the prospect of Chinese telecoms equipment makers like Huawei and ZTE gaining traction in the US over fears of cyber-spying, so it’s a little more than ironic to hear speculation — from multiple sources — that the US taps into its own software makers to access information overseas.
NSA whistleblower Edward Snowden this week provided the South China Morning Post with information that he claims showed that the US has targeted and hacked into Hong Kong-based systems and data centers.
Headline image via Shutterstock