
Snowden Docs Support Claim NSA Cyberweapons Stolen, Report Says

Secretary of Defense Ash Carter speaks to Cyber Command troops and National Security Agency employees on March 13, 2015.


The NSA group reportedly targeted the same governments as the hackers who designed Stuxnet, a cyber weapon believed to be employed by the U.S. and Israel to kill off Iran’s nuclear program.

The online news site’s editors include journalists who worked with Snowden to publicise his notorious 2013 NSA leak revealing the extent of government snooping on private data.

Another firm confirming a Zero-Day hack of its software in the released code was Fortinet Inc. They can be extremely valuable to both hackers and governments, especially when it comes to cyberespionage. He provided documents that showed the NSA was carrying out extensive hacking of major telecoms providers in China, and the Hong Kong headquarters of Pacnet, which owns a key fibre-optic submarine cable in the region.

Using multiple approaches might help – an intrusion detection system looking for anomalous activity on a network should detect a hacker snooping around – but cyberweapons targeting those systems might also be in the cache.

As a result, the NSA regularly collects and even buys vulnerabilities – reportedly spending millions – but it doesn’t always publicly disclose them. An increasing number of security experts have since said the data appeared to be legitimate. “An attacker could exploit this vulnerability by sending crafted SNMP packets to the affected system”, Cisco said in a security advisory.

The documents have been leaked as part of a surreal online auction by a group calling itself “Shadow Brokers”.

“This is the risk when you have an increasingly large vulnerability repository that’s been around for a while”, he said.

NSA whistle-blower Edward Snowden on Tuesday injected himself into an escalating cyberstruggle that could affect the US presidential election.

“We’re getting to a whole new level of breaches and leaks”, says Jerome Segura, lead malware intelligence analyst with Malwarebytes. Some have called for a more transparent process with nearly automatic disclosure, while others argue we need more information before pushing for reform. “These files are not fully fake for sure”, said security researcher Bencsáth Boldizsár in an interview with Ars Technica.

Cybersecurity analysts are still poring over the material, which raised questions about whether the leak poses a threat to national security or was just a warning from US adversaries.

“One of the exploits was targeting a specific Cisco device, and it was only targeting versions that have actually been outdated and replaced with new ones”, Kremez said.

There has been fierce debate over when US intelligence agencies should share information on vulnerabilities they discover with affected vendors. “We’ve got to move on more quickly than we thought we needed to”.

The group said it had released to the public 60 percent of the stolen files but retained the rest, and would offer them to the highest bidder in a Bitcoin auction.

These data appear relatively old: dates present within the published documents indicate that those files were stolen from the NSA around the summer and fall of 2013.

Another security expert, who declined to be named, said that although Topsec might not have the best engineers or technology among mainland cybersecurity companies, they were closest to the government. For instance, the exploits found within the samples rely on having direct access to the firewall’s interface, which is normally restricted from outside Internet users, Martin said.


Security and networking companies scrambled to investigate the flaws exposed by the auction.
