The UK police and security services have frequently touted the necessity of “equipment interference” techniques – cyberweapons used to infect suspects’ computers – in their investigations, but they have refused to release any information about their use in response to 40 Freedom of Information requests from Motherboard.
All of these tools leverage vulnerabilities in widely used systems. There’s a roaring trade in discovering these vulnerabilities, weaponizing them, and selling them to police forces (EU companies like Hacking Team have been revealed as suppliers of these weapons to torturing, autocratic regimes around the world). The weapons rely on these vulnerabilities remaining intact and unpatched, which means that they’re exploitable by criminals, other countries’ spies, corporate espionage firms, griefers and voyeurs.
This contradiction between cyberweapon development and public safety makes the UK police’s lack of transparency all the more grave.
