The security and intelligence organization of the UK government has said it will sometimes retained the information to secure the “ national security interests”. GCHQ has made its decision-making proceedings publicly for the first time.
The service has a squad of researchers that observe flaws in different kinds of computer software and systems, from the most commercial used by millions of people to nook technical kit.
Factors that might lead to a weakness being remained secret are:
- There is no way of fixing
- Product is no longer supported
- The product is so deficiently designed that it can never be secured.
- An uppermost intelligence requirement that can not be satisfied in any other way.
A statement issued on the National Cyber Security Center websites claimed : “ We’ve discovered vulnerabilities and informed the vendors of every major mobile and desktop platform for over 20 years.This work plays an important role in helping to secure the technology which underpins our economy and the everyday lives of millions of people in the UK and abroad.However, we do not disclose every vulnerability we find.In some cases, we judge that the UK’s national security interests are better served by ‘retaining’ knowledge of a vulnerability”.
The statement claims the information can be used , “to gather intelligence and disrupt the activities of those who seek to do the UK harm, including terror groups, serious and organised crime gangs, and malign states ”.
Ifv there is an insight purpose it has to be in a recent case or one in the recent future and it is remained under review. The practice of conserving weakness inflamed controversy in the United States after the information thieved from the national security agency was used to enact from the National Security Agency was used to enact the huge Wannacry attack in 2017 which influenced a number of organizations internationally including the NHS.