Security Experts Agree: The NSA Was Hacked Analysis of the software tools made available by the Shadow Brokers suggests that they’re the real deal. by Jamie Condliffe August 18, 2016
It looks as if the NSA has indeed been hacked.
A group of hackers known as the Shadow Brokers is currently selling off cyber-spying tools, which it claims belong to the U.S. government, in an online auction. Now, analysis of software that the group made freely available to prove its legitimacy suggests that it’s authentic, and likely to belong to the National Security Agency.
The Shadow Brokers claimed that their initial public release of the software included tools that could be used to break into firewall systems from companies like Cisco Systems and Juniper Networks. Just days later, Cisco has urgently announced that it’s going to patch two vulnerabilities in its firewall systems, which may have been exploited since as early as 2013. Security experts had claimed that the espionage tools appeared to be old, but Cisco appears to be seeing some of them for the first time.
Meanwhile, Russian security firm Kaspersky has also been interrogating the software. It’s discovered unusual math in the code that’s been published so far, which it believes ties the software to the so-called Equation Group. Kaspersky identified the previously unknown Equation Group last year, and at the time Reuters claimed that it was the work of the U.S. National Security Agency. The same quirky mathematics seen in last year’s analysis is also present in the recently released code.
Ex-NSA employees have also told the Wall Street Journal that they believe the code published by the Shadow Brokers to be “authentic.”
Organizations in the business of hacking, like the NSA, can secretly stockpile vulnerabilities to keep their operations stealthy. Critics of the NSA have accused it of weakening Internet security by hoarding zero-days and preventing companies from fixing their products.