Sydney Morning Herald, 8 March 2012
Cyber criminals are not the only ones buying software flaws, say sources.
The Australian government is buying computer security weaknesses found by hackers before they are sold on the black market, as part of its defence strategy, claim those at the coal face of cyber security.
“The Australian government has developed these capabilities as part of ASIO, DSD [Defence Signals Directorate], CSOC [Cyber Security Operations Centre] and possibly others. But they are purely for research and defence,” says an Australian security consultant who wishes to remain anonymous.
He says while the government won’t admit it, buying vulnerabilities is an obvious part of “gathering intelligence”.
. . . . . . .
“There is a trade in weaponised exploits being provided by hackers to the security vendors,” confirms another source, a hacker, who spoke to Fairfax’s IT Proon the condition of anonymity.
Phi Beta Iota: Were Western governments responsible (China-Russia seems to be doing better), there would be an international Center of Computational Mathematics and Security, we would all be using open source software, and bugs would not exist past beta. It is clear that cyber-bugs, like the Cold War and the Global War on Terror, both fraudulent, are desired by governments as justification for spending on irresponsible government.