A NSA hacking claim that “cyber weapons” were stolen from a group associated with the security agency and are being put up for auction has put crypto-currency Bitcoin back in the news. The files supposedly contain the frameworks for multiple NSA hacking tools.
Advertisement
The group posted its claim on the data theft in a now-deleted post to the microblogging site Tumblr, the report said. The second, encrypted, file is being auctioned off to the highest bidder.
Deep within the digital vaults of the NSA is an entity referred to as the Equation Group, which was responsible for some of the United States government’s most damaging cyberattacks against nations and groups, including Stuxnet and Flame.
Several security researchers have said the hack appears to be real. But this insider knowledge from Snowden just made it much, much more interesting. “We find many Equation Group cyber weapons”.
As security firm Kaspersky reported previous year, Equation Group is a mysterious and sophisticated malware distributor that is perhaps associated with the US National Security Agency (NSA). “You bid against Equation Group, win and find out or bid pump price up, piss them off, everyone wins”.
“What’s clear is that these are highly sophisticated and authentic hacking tools”, said Oren Falkowitz, chief executive of Area 1 Security and another former TAO employee.
But the “teaser” files don’t include any very valuable information, he says – and the question now is whether the hackers actually have more files. Snowden commented on Twitter about the timing: That’s the same month he began leaking valuable government documents. Don’t believe in an actual hack.
Instead, like the recent cyberattacks that targeted the Democratic National Committee and the Democratic Congressional Campaign Committee, the release has a political tinge to it. Snowden speculated that the attack could be Russian in origin, a digital warning shot to remind the US of the Kremlin’s reach and to discourage it from publicly attributing the hacks that affected the Democratic organizations.
On one hand, people inside the NSA are likely carrying on with “business as usual”, the source said. He suggests that it is a Russian-originated attack created to expose evidence of NSA cyber warfare activities. “No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack”, he posted.
Mr Snowden tweeted on Tuesday: “This leak is likely a warning that someone can prove USA responsibility for any attacks that originated from this malware server”.
“This could have significant foreign policy consequences”, he said in another tweet.
The stolen cyber surveillance tools might help foreign governments do forensics on their own computer systems to determine whether they have been targets of USA surveillance efforts, a potentially embarrassing development for Washington.
Advertisement
The leak looks like a warning that any attempt to point the finger at Moscow over alleged electoral interference “could get messy fast”, Snowden tweeted.
