Obama Allows NSA Use of Zero-Day Exploits Labeling it “National Security Needed”


Saturday, the Senior Administration Officials of the USA had a discussion on cyber security. Officials noted that President Obama has made a clear decision that if a United States Intelligence agency discovers a critical vulnerability, most of the time the agency should reveal the exploit rather than taking action, reported The New York Times.

With the statement, most of the time, there is an exception. President Obama detailed an exception to the policy, stating “Unless there is a clear national security or law enforcement need”. The statement means that agencies such as the NSA and others can continue with their surveillance by exploiting vulnerabilities, and it be labeled as legal.

After four months of the review on the final report on Intelligence and Communications Technologies, President Obama has authorized use of numerous strategies. One recommendation in the report labeled on page 37 states, “In rare instances, US policy may briefly authorize using a Zero Day for high priority intelligence collection, following senior, interagency review involving all appropriate departments.” This information was disclosed just one day after the Heartbleed Bug exploit broke news, and was then reported that the NSA was alleged to have exploited Heartbleed for over 2 years.

The NSA denied exploiting the Heartbleed Bug and concluded, “In response to the recommendations of the President’s Review Group on Intelligence and Communications Technologies, the White House has reviewed its policies in this area and reinvigorated an interagency process for deciding when to share vulnerabilities. This process is called the Vulnerabilities Equities Process. Unless there is a clear national security or law enforcement need, this process is biased toward responsibly disclosing such vulnerabilities”.

Already known, the NSA is the biggest buyer throughout the world of Zero-Day exploits, and and cyber security vulnerabilities. Both the NSA and FBI have been caught compromising sensitive data through purchased zero days. Now any government agencies located throughout the US can label these purchases as “National Security Needed”.

About Author

Brandon Stosh is the founder and CEO of www.freedomhacker.net. Stosh is a cyber security researcher and professional consultant who strives to provide reliable news on cyber-security based topics.

Leave A Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.