
New Snowden Documents Suggest NSA Hacking Tool Was Compromised

The software apparently dates back to 2013 and appears to have been taken then, experts said, citing such things as file creation dates. The leaked information is more likely to come from a compromised system outside the NSA’s networks that was hosting NSA malware.


Kaspersky, the security firm that closely tracked the “omnipotent” NSA group that was allegedly hacked, said on Tuesday that the code was likely real.

The Shadow Group getting its hands on what increasingly look like actual tools used by one of the most advanced government-sponsored threat actors shows that no one is immune to leaks. Those appliances are used widely in both enterprise and government environments, and the vulnerability affects all versions of the ASA firewalls, Cisco said. What’s new this time around is that someone is actually calling out the United States in a way that will help other countries detect American spy activity. “On Aug 17, 2016, we issued two security advisories, which deliver free software updates and workarounds where possible”. Fortinet, Inc., a Sunnyvale, California-based security company, also said it was investigating. That the perpetrators of the heist publicized it is the “far scarier” scenario because it goes beyond mere espionage, as Nicholas Weaver, a senior researcher at the International Computer Science Institute at UC Berkeley, put it. “What is clear is that these are highly sophisticated and authentic hacking tools”, said Mr Oren Falkowitz, chief executive of Area 1 Security and a former TAO employee. “If they didn’t know, this is VERY BAD”.

The NSA did not respond to requests for comment about the alleged hack.

There’s also an important blackmail component to the Shadow Brokers operation, he said.

– Edward Snowden (@Snowden) August 16, 2016

4) Here’s where it gets interesting: the NSA is not made of magic.

In a series of messages, Snowden wondered aloud whether the server the data was stolen from might be linked to a USA attempt to influence a foreign election. “And in the context of the recent conflict between the USA and Russian Federation over election interference, safe money is on the former”. As for the how, multiple theories have been proposed, but one of the most popular suggests an NSA hacker using the tools failed to clean up after an operation, allowing someone to grab the tools without a major hack.

He believes the Shadow Brokers’ cyberattack on the NSA’s group is linked to the Democratic National Convention, after Russian hackers leaked several emails and voice messages.

Shadow Brokers have already published much of the data they claim to have.


The group’s name appears to be a reference to a character in the “Mass Effect” video games who sells off information to the highest bidder.
