“Remote access on Cisco [equipment] sounds like it has national-security-level value to me”, says Aitel, who has posited in a blog post that the data was in fact stolen from the NSA and that the Shadow Brokers group was likely Russian.
Advertisement
Matt Suiche, founder of incident response firm Comae Technologies, has said the released sample files also include previously unpublished exploits that targeted Cisco, Juniper, Fortigate and Topsec equipment. The Equation Group is a name given to a team of US state-sponsored hackers by researchers at Kaspersky Lab which has collected a great deal of information that seems to indicate that the NSA has created an office with extremely talented developers who appear to have unlimited resources. “The hack of an NSA malware staging server is not unprecedented, but the publication of the take is”, he explained on Twitter. “It seems nothing can stay protected anymore”. This was a reference to the campaign of the Democratic Party and much of the U.S. media to blame the Russian government for last month’s leak of Democratic National Committee emails showing corrupt efforts by the party leadership to undermine the primary campaign of Vermont Senator Bernie Sanders. But if experts have pegged the connection correctly, it begs questions over how committed the USA government is to sharing vulnerability information with private vendors.
When those problems go unfixed, it leaves everyday people vulnerable because other hackers might find and exploit the same issues. There’s an official process called an equities review that the government uses to weigh when it will tell software makers about security problems it discovers in their products.
When dealing with the secrets of intelligence agencies, don’t expect the news to be very forthcoming, but keep checking back with Liberty News Now for updates. The VEP has been criticized by organizations, including the Electronic Frontier Foundation, as being opaque. The Grugq said the files look legitimate. “An attacker could exploit this vulnerability by sending crafted SNMP packets to the affected system”, Cisco said in a security advisory. If the Equation Group is the NSA, the agency has long known of the flaw.
The announcement from The Shadow Brokers was also published on GitHub and Tumblr, but both entries were quickly deleted.
Despite it being hard to determine whether these files are 100pc legitimate, a number of security researchers have said that this certainly looks like it could be genuine.
As proof, the hackers released a swathe of malware programs, including a number of pieces of software referenced in the leaks from NSA whistleblower Edward Snowden.
To support its claims, the group released samples of the files it said belonged to the Equation Group. “The stuff they have there is super-duper interesting, but it is by far not the most interesting stuff in the tool set”, he said.
Advertisement
“Equation Group” is a name used in cybersecurity circles for the National Security Agency.
