When the NSA discovers a new method of
hacking into a piece of software or hardware, it faces a dilemma. Report
the security flaw it exploits to the product's manufacturer so it gets
fixed, or keep that vulnerability secret—what's known in the security
industry as a "zero day"—and use it to hack its targets, gathering
valuable intelligence. Now a case of data apparently stolen from an NSA
hacking team seems to show the risks that result when the agency chooses
offense over defense: Its secret hacking tools can fall into unknown
hands.
On Wednesday, networking equipment firms Cisco and Fortinet warned customers about vulnerabilities revealed in data posted to the web days earlier by an anonymous group calling itself Shadow Brokers. The group claimed it obtained the data by hacking an elite espionage team known as Equation Group and linked to the NSA. Shadow Brokers described its haul as a cache of encrypted "cyberweapons" that it would auction to the highest bidder. The data dump also contained an unencrypted sample with 300 megabytes of information including hacking software—known as "exploits"—designed to target networking appliances from Cisco, Fortinet, Juniper and TopSec.
Based on Fortinet and Cisco's urgent warnings in response to the exploits' leak, it appears that some of those exploits had in fact been secret zero-day flaws. That raises the likelihood that the data was in fact stolen from NSA hackers—a view increasingly held by security experts analyzing the data.
https://www.wired.com/2016/08/shadow-brokers-mess-happens-nsa-hoards-zero-days/