U.S. Rep. Adam Schiff, the ranking Democrat on the House Intelligence Committee, also spoke with Mary Louise.
Advertisement
Has the US National Security Agency (NSA) been hacked in a an unprecedented manner, or is someone playing an elaborate hoax? If we assume Russian Federation is behind this new leak, as some people close to the intelligence community are, just as it likely is behind all the Guccifer 2.0 leaks, dumping alleged NSA tools online would be a great way to tell the United States government: be careful when pointing the finger at us, we can do the same.
The hackers over the weekend posted two sets of one which is freely accessible, files and another that stays encrypted. The second trove, though, remains locked with the password up for auction.
Some believe the Equation Group is responsible for the leak, while others say it might be the NSA itself. The NSA isn’t talking.
Security experts and former National Security Agency officials also believe that material posted online – essentially a cyber version of a burglar’s bag of breaking and entering tools – is somehow connected to an unprecedented and ongoing campaign by Russian Federation to meddle in USA affairs, including the presidential election.
The “suspect list” of actors who could likely get this kind of data as well as publicize it points to Russian Federation and China, according to Nicholas Weaver, a senior researcher at the International Computer Science Institute at University of California at Berkeley.
The code released by the Shadow Brokers dates most recently to 2013, the same year Edward Snowden leaked classified information about the NSA’s surveillance programs. “Somebody could’ve walked out with a USB key (flash drive). Auction files better than Stuxnet”, the hackers said in posts on Github and Tumblr that were later taken down.
“That to me is a red flag”, James said via email.
– Is it a big deal?
Some of the digital tools in the released files contain names like ExtraBacon, Epicbanana and Eligible Bachelor that apparently breach the firewall platforms, for example, of Cisco System’s PIX/ASA, Juniper Network’s Netscreen, and Fortigate made by Fortinet.
The stolen software is believed to be what the NSA uses to hack others, packaged with instructions on how it works.
“Now that the vulnerabilities that the group were exploiting have been disclosed, they will be fixed and new ones will have to be discovered, at significant expense”.
Yet the leak does provide new ideas and concepts that hackers could build on.
The public release by a previously unknown group called the Shadow Brokers of information purportedly stolen from a server run by the National Security Agency’s hacking team is providing a lot of fodder for conspiracy theorists, but hard facts are in short supply.
‘There’s zero debate so far, ‘ he said in a telephone interview.
– Why did they do it?
Deep within the digital vaults of the NSA is an entity referred to as the Equation Group, which was responsible for some of the U.S. government’s most damaging cyberattacks against nations and groups, including Stuxnet and Flame. “This leak is likely a warning that someone can prove U.S. responsibility for any attacks that originated from this malware server”.
According to Snowden, some NSA spies may have gotten lazy, and left their hacking tools on the malware staging server. “We find cyber weapons made by the creators of stuxnet, duqu, and flame”.
Advertisement
The Washington Post reports that the hacking tools released in the teaser file – with names such as Epicbanana, Buzzdirection and Egregiousblunder – are highly sophisticated. The file disclosure shows why it’s important to tell software-makers when flaws are detected, rather than keeping them secret, one of the former agency employees said, because now the information is public, available for anyone to employ to hack widely used Internet infrastructure.
