Calling leak of sophisticated spy tools unprecedented, whistleblower says things 'could get messy fast'
The National Security Administration (NSA) was allegedly hacked by a mysterious group calling itself "The Shadow Brokers," and the "most powerful espionage tools" of the NSA's elite hacker team, as the Washington Post put it, were leaked to the internet this weekend.
The Post reported late Tuesday:
A cache of hacking tools with code names such as Epicbanana, Buzzdirection, and Egregiousblunder appeared mysteriously online over the weekend, setting the security world abuzz with speculation over whether the material was legitimate.
The file appeared to be real, according to former NSA personnel who worked in the agency's hacking division, known as Tailored Access Operations (TAO).
"Without a doubt, they're the keys to the kingdom," said one former TAO employee, who spoke on the condition of anonymity to discuss sensitive internal operations. "The stuff you're talking about would undermine the security of a lot of major government and corporate networks both here and abroad."
Said a second former TAO hacker who saw the file: "From what I saw, there was no doubt in my mind that it was legitimate."
"The exploits are not run-of-the-mill tools to target everyday individuals," the Post added. "They are expensive software used to take over firewalls, such as Cisco and Fortinet, that are used 'in the largest and most critical commercial, educational and government agencies around the world,' said Blake Darche, another former TAO operator and now head of security research at Area 1 Security."
In a series of tweets, noted NSA whistleblower Edward Snowden posited that Russia was behind the breach.
As Forbes observed:
"He believes, as do others, that the timing of the leak is interesting. As many of the leaked files were dated mid-2013, the hackers have been sitting on the data for at least three years. It's only now the materials are being released, a matter of months after U.S. intelligence sources and American security companies claimed the Democratic National Committee (DNC) had been hacked by Russia. Snowden believes Russia is sending a warning on the dangers of attributing cyberattacks."
"This leak is likely a warning that someone can prove U.S. responsibility for any attacks that originated from this malware server," Snowden tweeted. "That could have significant foreign policy consequences. Particularly if any of those operations targeted U.S. allies."
Read Snowden's full theory here: