Former U.S. National Security Agency (NSA) contractor Edward Snowden said the key suspect in the NSA hack is Russia.
In a stream of tweets, he laid out his theory on why the NSA was breached by a hacker crew referred to as The Shadow Brokers. The group published data they claimed to have stolen from a server belonging to the Equation Group, a spy operation linked to other alleged American cyber espionage campaigns, including Regin and Stuxnet. The leaks include malware for various firewalls, including those from U.S. manufacturers Cisco, Juniper, and Fortinet and Chinese supplier TopSec.
Little is known about the Shadow Brokers, other than that they used GitHub, Tumblr, and Mega to publish their files on August 13, 2016. They used broken English to launch a Bitcoin auction for the remaining 40% of data they hadn’t released from the Equation Group attack. It’s also known that the hackers used an email address from Tutanota, a German provider focused on security, to upload the data to GitHub.
Many of the leaked files were dated mid-2013, which means the hackers sat on the data for at least three years. The timing of the release is noteworthy, as it comes a few months after U.S. intelligence sources and American security companies claimed that Russia hacked the Democratic National Committee (DNC). Snowden said that Russia is issuing a warning about the dangers of attributing cyber attacks.
He also noted that the hack of an NSA command and control server for one of its surveillance missions is not strange, but that it’s unheard of for the information to be published so openly.
While the political consequences could increase tensions between the U.S. and Russia, it’s what’s in the leak that could be particularly damaging for the NSA’s surveillance. Currently, the vulnerabilities allegedly exposed by the Shadow Brokers do not appear to be new or critical.
Via Forbes