NSA spent $25 million on 'software vulnerabilities' in 2013

All sizes | Good | Flickr - Photo Sharing!
The vulnerabilities are reportedly used to hack foreign governments.

The U.S. National Security Agency spent more than $25 million this year to buy "software vulnerabilities" from gray-market malware vendors, the Washington Post reports.

These vulnerabilities are "zero-day" bugs that even the software vendors themselves don't know about, and shady security firms sell them to the high bidder rather than reporting them to companies. In some cases, the highest bidder is apparently the U.S. government, which uses its stash of malware to spy on foreign governments.

Some zero-days can sell for as much as six figures, according to the Post.

The NSA's investment in software vulnerabilities was revealed by an intelligence community "black budget" that leaked earlier this week. According to that document, the NSA accounts for more than 20 percent of the $52.6 billion the U.S. government has spent on intelligence this year.

Of the $10.8 billion the NSA spent in 2013, $1.6 billion went to "data processing and exploitation," the category that presumably covers the purchase of zero-day vulnerabilities.

H/T The Washington Post | Photo by Snowshot/Flickr

internet freedom
Leaked 'black budget' reveals U.S. spent most of its intelligence funds on NSA, CIA
Throughout the summer, a series of leaked National Security Agency reports has given the world a glimpse at the often controversial surveillance activities of the U.S. government. The latest leak, published by the Washington Post, reveals how America’s 16 intelligence agencies divided up their $52.6 billion budget in 2013, shedding light on the shifting priorities of the intelligence community since September 11, 2001.
From Our VICE Partners

Pure, uncut internet. Straight to your inbox.

Thanks for subscribing to our newsletter!