‘Auction’ of NSA Tools Sends Security Companies Scrambling
Snowden, a former contractor for the NSA who leaked thousands of documents detailing a long-term surveillance program by the US government, said the hack of NSA servers is not unprecedented, but the trumpeted publication is what is new. The relevant code was part of a program dubbed SECONDDATE that was used to spy on Pakistan and a computer system in Lebanon, The Intercept reported. But is it a reality of present circumstances? “This vulnerability can be triggered by IPv4 traffic only”, the advisory said.
“We’re going to need the government’s help to do defense, not just offense”, he said.
China and the USA have traded accusations of hacking for years, but in 2013 former American intelligence analyst Edward Snowden revealed details about the extent of the NSA’s global surveillance programmes. “The hack of an NSA malware staging server is not unprecedented”, he wrote, “but the publication of the take is”.
One flaw was patched in 2011, but Cisco confirmed the other vulnerability was a zero-day exploit that could let an unauthenticated attacker access the firewall without credentials and remotely execute code on the device.
The US National Security Agency’s most elite hackers use some very unusual names for their hacking tools and exploits. “The notion of a static capability that you can preserve over years’ time, that’s gone”.
“We simply can not operate this way, our customers trust us to be able to deliver to their doorsteps products that meet the highest standards of integrity and security”, Cisco’s CEO wrote in 2014.
But the “teaser” files don’t include any very valuable information, he says – and the question now is whether the hackers actually have more files.
Sample code released by the Shadow Brokers group to demonstrate that it really did have Equation Group (NSA, Australia, Canada, New Zealand and UK) hacking tools for sale included critical flaws in some security software.
The NSA was hacked by a group that calls itself Shadow Brokers, a report earlier this week revealed, with some of the stolen cyberweapons being auctioned off to the highest bidder.
“This code similarity makes us believe with a high degree of confidence that the tools from the Shadow Brokers leak are related to the malware from the Equation Group”, Kaspersky said in a blog post. Notably, all of the files stolen from the Equation Group date back to 2013.
“If this is indeed Russian Federation [behind the Shadowbrokers hack]”, Green said, “then one assumes that they probably have their own exploits, but there’s no need to give them any more”.
Around the same time, WikiLeaks declared that it had a full set of the files – it did not say how it obtained them – and would release them all in the future.
Cybersecurity experts and former US officials who have analyzed some of the code released online by the Shadow Brokers were already convinced at least some of it appeared very real. But the group’s public posturing has thrown observers for a loop. Although the NSA is staying mum, former NSA hackers told The Post that the files appeared legitimate – as have other outside experts.
Among the “cyber weapons” seized and put up for auction by the Shadow Brokers is an array of systems and programs that clandestinely nestle into computers across the globe, according to The Intercept.
“It certainly feels all real”, said Bruce Schneier, a leading authority on state-sponsored breaches.