‘Shadow Brokers’ Claim To Have Hacked The NSA’s Hackers

Cisco and Fortinet have issued patches for zero-day exploits affecting their products contained in a dump of intrusion and surveillance tools allegedly used by an NSA-affiliated hacking group. Experts across the world are still examining what amount to electronic lock picks.

Some of the National Security Agency’s most powerful and top-secret hacking tools appear to have been posted online in recent days, raising alarms among American security experts that the supposedly impenetrable spy agency has itself been hacked and its potent cyberespionage capabilities made publicly available.

The tool kit consists of a suite of malicious software meant to tamper with firewalls, the electronic defenses protecting computer networks. As security experts weighed in, it became clearer that the leaked tools were legitimate, and the Snowden documents released today are the closest we may get to the smoking gun. “We find many many Equation Group cyber weapons”.

In releasing the cyberweapons, the Shadow Brokers claimed it had in its possession a much larger – and presumably more damaging – cache of stolen data from the Equation Group that it would auction off to the highest bidder or release for free if the auction raised the equivalent of about $550 million.

The security firm Kaspersky said it believed the original files were from Equation Group, which is thought to be linked to the NSA. The Moscow-based company said the two used “functionally identical” encryption techniques.

In 2014 the National Security Council cybersecurity coordinator Michael Daniel told Wired that the process led to the NSA sharing the majority of flaws that it identifies.

While the revelation (assuming it’s real) will be of great interest to security researchers and to cyber-warriors generally, the fact is that it’s probably not a big deal to the average CISO trying to keep employees from writing their passwords on their monitors or who is trying to keep up with the reports from the network intrusion detection system.

Cisco added that the company has yet to release a software update to fix the vulnerability, but that a workaround does exist. Cisco, however, said Tuesday it was investigating the exploits.

NSA whistleblower Edward Snowden has said “circumstantial evidence and conventional wisdom” indicate that the Russian Federation is behind a major hack on the National Security Agency. “If they didn’t know, this is VERY BAD”.

The NSA hasn’t commented on the alleged leak.

NSA expert James Bamford said the hack appeared to be significant, but he cautioned against pointing the finger at the Russian Federation, especially the government, given how many different groups of hackers routinely target NSA servers.

A statement, written in broken English, from Shadow Brokers appears to direct the hack at “wealthy elites”.

Few take the name or the manifesto at face value.
