WikiLeaks unveils plans to publish ‘cyber weapons’ stolen in Equation Group hack

The hacks of emails from the Democratic National Committee led to the resignation of its chairperson Debbie Wasserman Schultz and a few other officials. The agency’s operatives can get lazy, and sometimes they leave behind files inside the servers they’ve hacked.

The possible hacking of NSA systems and the theft of cyber weapons has not yet been confirmed by US authorities.

According to the researchers, the codenames used by Equation Group were also discovered in the NSA documents earlier revealed by Edward Snowden.

NSA whistleblower Edward Snowden commented on the hack, faulting a lazy staffer for the possible leak.

Snowden has also weighed in to offer his thoughts on the hack and – based on the assumption it is true – suggested on Twitter that this was a shot across the bow for the NSA.

“NSA malware staging servers getting hacked by a rival is not new”, he says.

While Kaspersky declined to directly call the group a division of the NSA, similarities between the two projects including the tools and language used by each have led experts to conclude as much.

Technical experts have spent the past day or so picking apart a suite of tools allegedly stolen from the Equation Group, a powerful squad of hackers which some have tied to the NSA.

Former NSA General Counsel Baker suggested that “the more disastrous and less likely scenario is that someone has hacked USA infrastructure and extracted large files”, and likely has the ability to do so again. For instance, the exploits found within the samples rely on having direct access to the firewall’s interface, which is normally restricted from outside Internet users, Martin said.

“These exploits have a huge value”, and normally hackers would never give them away, he said.

In doing so, the security body recreates the exploits it finds in order to identify their targets and to defend itself when it is the target in the future.

Still unknown is whether the Shadow Brokers obtained the cyber tools through a hack or an inside job.

The sample files that have been released were dated most recently to 2013.

‘The data [released so far] appears to be relatively old; some of the programs have already been known for years,’ said researcher Claudio Guarnieri, and are unlikely ‘to cause any significant operational damage’. “At first glance it is sound that these are important attack-related files, and yes, the first guess would be Equation Group”.

However, a potentially more alarming issue is what else might have been stolen.

The tools were posted by a group calling itself the Shadow Brokers using file-sharing sites such as BitTorrent and DropBox. The rest – “the best files” – will be released, they claim, to whoever wins the auction.

“We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control”, the Shadow Brokers wrote in their cryptic message during the leak. “It’s total nonsense”, Nicholas Weaver, a computer security researcher at the University of California at Berkeley, told The Washington Post’s Ellen Nakashima.

At the same time, other spy services, like Russia’s, are doing the same thing to the United States. We hack Equation Group.

So who are these Shadow Brokers?
