>> When WikiLeaks founder, Julian Assange, disclosed this month that he'd gotten a trove of CIA tools for hacking into phones, computers, and other gear, Cisco security engineers swung into action, working round the clock to figure out how the CIA was exploiting flaws in Cisco's Internet switches to turn them into eavesdropping machines.
Reuters cybersecurity reporter, Joseph Menn.>> Not only were those companies not warned when the agency decided to develop those tools, but even when they realized late last year that the CIA tools had walked out the door, even then they didn't tell Cisco and Apple and Microsoft, according to employees at those companies
>> The fiasco highlights a growing concern about the government's approach to cybersecurity. Namely, it puts offense before defense.>> In part, it's that offense is more fun. It's fun to sit at your keyboard and cause real pain elsewhere. As a former White House advisor described it to me, it's less fun to do this sort of basic blocking and tackling that is a lot of defense.
Another part of it, former NSA director Keith Alexander testified last week about. He said, the government still hasn't really sorted out who's responsible for defense.>> That's because some argue that companies should do some defense on their own, but others, like Alexander, say companies and many institutions are no match for nation states, especially ones taking advantage of hidden flaws in US products.
Hacking attacks have occurred in the US, as result of the government keeping the security vulnerability of gadgets to themselves. No word on whether the CIA will change it's approach, but as we know they're pretty tight lipped.