The phrase “Knowledge is power” has never before become so clear and scary. The knowledge that is kept secret can be even more dangerous. Dangerous for U.S. citizens, their privacy while browsing the internet, people overseas, and all companies worldwide. This is because there are bugs within their software that can be exploited and these bugs or vulnerabilities are being sold to government agencies who can then exploit them at a later date.
The type of vulnerabilities being sold is called “zero-day exploits.” This means the original software builder and company using the software has no idea there is a problem and has no way to protect themselves from an attack.
These researchers make their living by finding these flaws. The kicker is that they don’t tell the company using the software of the bug in order to fix it, as was the case a couple years back where they could fix the problem at hand and make the software more secure, but now they are keeping this information secret and selling it to other companies who can exploit it later.
With the growing market of selling vulnerabilities, U.S. security and the security of all citizens are at greater risk. The long-term repercussions could be devastating as this information is sold and kept secret. Such vulnerabilities are used by hackers to steal data or disrupt business operations and by foreign governments to spy or destroy defense systems, bank systems, and identities.