'Shadow Brokers’ Leak
Aug 17, 2016 00:48:11 #
The release on websites this week of what appears to be top-secret computer code that the National Security Agency has used to break into the networks of foreign governments and other espionage targets has caused deep concern inside American intelligence agencies, raising the question of whether America’s own elite operatives have been hacked and their methods revealed. Most outside experts who examined the posts, by a group calling itself the Shadow Brokers, said they contained what appeared to be genuine samples of the code — though somewhat outdated — used in the production of the N.S.A.’s custom-built malware.
Most of the code was designed to break through network firewalls and get inside the computer systems of competitors like Russia, China and Iran. That, in turn, allows the N.S.A. to place “implants” in the system, which can lurk unseen for years and be used to monitor network traffic or enable a debilitating computer attack. According to these experts, the coding resembled a series of “products” developed inside the N.S.A.’s highly classified Tailored Access Operations unit, some of which were described in general terms in documents stolen three years ago by Edward J. Snowden, the former N.S.A. contractor now living in Russia. But the code does not appear to have come from Mr. Snowden’s archive, which was mostly composed of PowerPoint files and other documents that described N.S.A. programs. The documents released by Mr. Snowden and his associates contained no actual source code used to break into the networks of foreign powers. Whoever obtained the source code apparently broke into either the top-secret, highly compartmentalized computer servers of the N.S.A. or other servers around the world that the agency would have used to store the files. The code that was published on Monday dates to mid-2013, when, after Mr. Snowden’s disclosures, the agency shuttered many of its existing servers and moved code to new ones as a security measure.
By midday Tuesday Mr. Snowden himself, in a Twitter message from his exile in Moscow, declared that “circumstantial evidence and conventional wisdom indicates Russian responsibility” for publication, which he interpreted as a warning shot to the American government in case it was thinking of imposing sanctions against Russia in the cybertheft of documents from the Democratic National Committee.
“Why did they do it?” Mr. Snowden asked. “No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack.”
Around the same time, WikiLeaks declared that it had a full set of the files — it did not say how it had obtained them — and would release them all in the future. The “Shadow Brokers” had said they would auction them off to the highest bidder.
“I think it’s Snowden-era stuff, repackaged for resale now,” said James A. Lewis, a computer expert at the Center for Strategic and International Studies, a Washington think tank. “This is probably some Russian mind game, down to the bogus accent” of some of the messages sent to media organizations by the Shadow Brokers group, delivered in broken English that seemed right out of a bad spy movie. The N.S.A. would say nothing on Tuesday about whether the coding released was real or where it came from. Its public affairs office did not respond to inquiries. “It certainly feels all real,” said Bruce Schneier, a leading authority on state-sponsored breaches. “The question is why would someone steal it in 2013 and release it this week? That’s what is making people think this is likely the work of Russian intelligence.”
There are other theories, including one that some unknown group was trying to impersonate hackers working for Russian or other intelligence agencies. Impersonation is relatively easy on the internet, and it could take considerable time to determine who is behind the release of the code. The Shadow Brokers first emerged online on Saturday, creating accounts on sites like Twitter and Tumblr and announcing plans for an auction. The group said that “we give you some Equation Group files free” and that it would auction the best ones. The Equation Group is a code name that Kaspersky Labs, a Russian cybersecurity firm, has given to the N.S.A. While still widely considered the most talented group of state-sponsored hackers in the world, the N.S.A. is still recovering from Mr. Snowden’s disclosures; it has spent hundreds of millions of dollars reconfiguring and locking down its systems. Mr. Snowden revealed plans, code names and some operations, including against targets like China. The Shadow Brokers disclosures are much more detailed, the actual code and instructions for breaking into foreign systems as of three summers ago.
“From an operational standpoint, this is not a catastrophic leak,” Nicholas Weaver, a researcher at the International Computer Science Institute in Berkeley, Calif., wrote on the Lawfare blog on Tuesday.
But he added that “the big picture is a far scarier one.” In the weeks after Mr. Snowden fled Hawaii, landing in Hong Kong before ultimately going to Russia, it appears that someone obtained that source code. That, he suggested, would be an even bigger security breach for the N.S.A. than Mr. Snowden’s departure with his trove of files.
However, the fact that the code is dated from 2013 suggests that the hackers’ access was cut off around then, perhaps because the agency imposed new security measures.
The attack on the Democratic National Committee has raised questions about whether the Russian government is trying to influence the American e******n. If so, it is unclear how — or whether — President Obama will respond. A response could be public or private, and it could involve sanctions, diplomatic warnings or even a counterattack.
“The real problem for us is that the Russians seem to have taken the gloves off in the cyberdomain,” said Mr. Lewis, of the Center for Strategic and International Studies, “and we don’t know how to respond.”
Was the N.S.A. Hacked? - The New York Times http://apple.news/AQtEGtr_ESMq1z1R-0nTtvg
Most of the code was designed to break through network firewalls and get inside the computer systems of competitors like Russia, China and Iran. That, in turn, allows the N.S.A. to place “implants” in the system, which can lurk unseen for years and be used to monitor network traffic or enable a debilitating computer attack. According to these experts, the coding resembled a series of “products” developed inside the N.S.A.’s highly classified Tailored Access Operations unit, some of which were described in general terms in documents stolen three years ago by Edward J. Snowden, the former N.S.A. contractor now living in Russia. But the code does not appear to have come from Mr. Snowden’s archive, which was mostly composed of PowerPoint files and other documents that described N.S.A. programs. The documents released by Mr. Snowden and his associates contained no actual source code used to break into the networks of foreign powers. Whoever obtained the source code apparently broke into either the top-secret, highly compartmentalized computer servers of the N.S.A. or other servers around the world that the agency would have used to store the files. The code that was published on Monday dates to mid-2013, when, after Mr. Snowden’s disclosures, the agency shuttered many of its existing servers and moved code to new ones as a security measure.
By midday Tuesday Mr. Snowden himself, in a Twitter message from his exile in Moscow, declared that “circumstantial evidence and conventional wisdom indicates Russian responsibility” for publication, which he interpreted as a warning shot to the American government in case it was thinking of imposing sanctions against Russia in the cybertheft of documents from the Democratic National Committee.
“Why did they do it?” Mr. Snowden asked. “No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack.”
Around the same time, WikiLeaks declared that it had a full set of the files — it did not say how it had obtained them — and would release them all in the future. The “Shadow Brokers” had said they would auction them off to the highest bidder.
“I think it’s Snowden-era stuff, repackaged for resale now,” said James A. Lewis, a computer expert at the Center for Strategic and International Studies, a Washington think tank. “This is probably some Russian mind game, down to the bogus accent” of some of the messages sent to media organizations by the Shadow Brokers group, delivered in broken English that seemed right out of a bad spy movie. The N.S.A. would say nothing on Tuesday about whether the coding released was real or where it came from. Its public affairs office did not respond to inquiries. “It certainly feels all real,” said Bruce Schneier, a leading authority on state-sponsored breaches. “The question is why would someone steal it in 2013 and release it this week? That’s what is making people think this is likely the work of Russian intelligence.”
There are other theories, including one that some unknown group was trying to impersonate hackers working for Russian or other intelligence agencies. Impersonation is relatively easy on the internet, and it could take considerable time to determine who is behind the release of the code. The Shadow Brokers first emerged online on Saturday, creating accounts on sites like Twitter and Tumblr and announcing plans for an auction. The group said that “we give you some Equation Group files free” and that it would auction the best ones. The Equation Group is a code name that Kaspersky Labs, a Russian cybersecurity firm, has given to the N.S.A. While still widely considered the most talented group of state-sponsored hackers in the world, the N.S.A. is still recovering from Mr. Snowden’s disclosures; it has spent hundreds of millions of dollars reconfiguring and locking down its systems. Mr. Snowden revealed plans, code names and some operations, including against targets like China. The Shadow Brokers disclosures are much more detailed, the actual code and instructions for breaking into foreign systems as of three summers ago.
“From an operational standpoint, this is not a catastrophic leak,” Nicholas Weaver, a researcher at the International Computer Science Institute in Berkeley, Calif., wrote on the Lawfare blog on Tuesday.
But he added that “the big picture is a far scarier one.” In the weeks after Mr. Snowden fled Hawaii, landing in Hong Kong before ultimately going to Russia, it appears that someone obtained that source code. That, he suggested, would be an even bigger security breach for the N.S.A. than Mr. Snowden’s departure with his trove of files.
However, the fact that the code is dated from 2013 suggests that the hackers’ access was cut off around then, perhaps because the agency imposed new security measures.
The attack on the Democratic National Committee has raised questions about whether the Russian government is trying to influence the American e******n. If so, it is unclear how — or whether — President Obama will respond. A response could be public or private, and it could involve sanctions, diplomatic warnings or even a counterattack.
“The real problem for us is that the Russians seem to have taken the gloves off in the cyberdomain,” said Mr. Lewis, of the Center for Strategic and International Studies, “and we don’t know how to respond.”
Was the N.S.A. Hacked? - The New York Times http://apple.news/AQtEGtr_ESMq1z1R-0nTtvg
Aug 17, 2016 02:31:02 #
I would not doubt that Hillary or maybe Obama has SOLD the information to other nations so they can hack and do anything they want! As criminal as those two "stains" are anything is possible!
Aug 17, 2016 06:18:02 #
QuestGirl
Loc: Jayhawk Country
I read once, one article, once mentioned in just one on-line article, when her less than secure server issue became known. I read....
The State Department had to disarm (I'm not IT, forgive me) the government server in order to receive emails sent through the one unprotected unsecure home version server belonging to Hillary...and her blackberry. The agency could send out emails to the unprotected server. The security however, would not allow to receive an email from an unprotected server. So, in their finite wisdom, they removed walls of security, until the obnoxious email could be received. Remember, this is inter-departmental areas. Not the sites we Google.
I ain't that bright. Yet nevertheless, I imagine one giant blackhole opened up. Sucking everything that could be sucked from all government agencies. I'll give the benefit, maybe only most agencies. The DNC was just a tinge of a tickle.
Can't wait for the main course...and then dessert! Maybe even an after dinner drink!
God only knows the depth of deceptions that have branched out entangling our entire society into a very dense web. A firm choke hold, at best.
I got nothin' without Hope...else I am dismayed.
The State Department had to disarm (I'm not IT, forgive me) the government server in order to receive emails sent through the one unprotected unsecure home version server belonging to Hillary...and her blackberry. The agency could send out emails to the unprotected server. The security however, would not allow to receive an email from an unprotected server. So, in their finite wisdom, they removed walls of security, until the obnoxious email could be received. Remember, this is inter-departmental areas. Not the sites we Google.
I ain't that bright. Yet nevertheless, I imagine one giant blackhole opened up. Sucking everything that could be sucked from all government agencies. I'll give the benefit, maybe only most agencies. The DNC was just a tinge of a tickle.
Can't wait for the main course...and then dessert! Maybe even an after dinner drink!
God only knows the depth of deceptions that have branched out entangling our entire society into a very dense web. A firm choke hold, at best.
I got nothin' without Hope...else I am dismayed.
Aug 19, 2016 21:00:02 #
America Only wrote:
I would not doubt that Hillary or maybe Obama has SOLD the information to other nations so they can hack and do anything they want! As criminal as those two "stains" are anything is possible!
Sounds about right.
If you want to reply, then register here. Registration is free and your account is created instantly, so you can post right away.