Shared code in Snowden leaks and NSA breach support hackers’ claims

The Shadow Brokers now say that they have copies of the cyber tools the NSA’s group has used in some of its attacks.

The tool allows the NSA to execute “man-in-the-middle” attacks, which intercept traffic on a network as it’s traveling from its origin to its destination.

Some of the servers in the Shadow Brokers leak used software from Cisco, including the company’s Adaptive Security Appliance (ASA) operating system, which powers data center firewalls.

“Circumstantial evidence and conventional wisdom indicates Russian responsibility”, Snowden said.

That’s bad news for user security: For one, these tools are now available to criminal hackers. The Shadow Brokers group was auctioning the files for bitcoin, and if the process raised a million bitcoins ($575 million), it promised to decrypt the files and dump them in public for all to use.

“The real problem for us is that the Russians seem to have taken the gloves off in the cyberdomain”, said Lewis, of the Center for Strategic and International Studies, “and we don’t know how to respond”.

The Shadow Brokers claim to have broken into the systems of hackers known as the Equation Group.

Hackers calling themselves Shadow Brokers started an auction for the malware last week.

“Knowing this, NSA’s hackers (TAO) are told not to leave their hack tools (‘binaries’) on the server after an op”. Should you be curious of the specifics, go ahead and read all about it in the blog post by Omar Santos, Cisco’s security engineer.

The hacking tools come from what’s called the “Equation Group”, another hacking group long believed to be an NSA offshoot.

In a series of messages posted to Twitter, Snowden suggested the leak was the fruit of a Russian attack on an NSA-controlled server and could be aimed at heading off US retaliation over allegations that the Kremlin is interfering in the US electoral process. Binney believes Iran is already studying Stuxnet, seeking to reverse engineer and upgrade it and use it to its own interests.

Via Twitter, Snowden commented on the apparent hack, saying the most notable thing wasn’t that NSA servers were breached, but that the hack has now been publicized.

USA spy agency apparent victim of data breach after hackers leak classified computer code online.

The Shadow Brokers released a bit of the captured data (some 300 MB) on the web to prove their claim.

He suggests there could be some Russian involvement and that this warning is intended to show that proof exists that the US took part in certain hacks, by linking it to the tools discovered on the server.

The U.S. National Security Agency, which gained worldwide notoriety in 2013 after Edward Snowden revealed its data snooping techniques, has itself become the target of an apparent data breach.
