NSA operative might have accidentally leaked its hacking tools
American authorities are still digging into how a set of NSA’s hacking tools landed in the hands of a group called Shadow Brokers who then leaked them online. According to Reuters, they’re now focusing their investigation on a theory that one NSA operative used the tools on a remote computer three years ago. They believe the operative left them there exposed, and that’s where Russian hackers got a hold of them. The exploits allow users to take advantage of security systems’ software flaws. They can target a number of companies’ products in particular, including Cisco’s firewalls and routers, putting their customers at risk.
Edward Snowden and some security experts pinned the leak on Russian hackers from the start, what with the ongoing digital war between the US and the world’s largest nation. If you’ll recall, Russia is being blamed for several high-profile security breaches in the US, including the most recent Guccifer 2.0 leak that contains documents from the Democratic National Convention.
The fact that Shadow Brokers dumped the tools online just like Guccifer 2.0 did supports authorities’ belief that Russians are behind this incident, as well. Center for Strategic and International Studies cybersecurity expert Jim Lewis said: “The dumping is a tactic they’ve been developing for the last five years or so. They try it, and if we don’t respond they go a little further next time.”
Reuters also revealed that after the NSA found out that its tools were stolen, it deployed sensors to detect whether foreign countries with cyberattack capabilities like Russia and China had been using it. When it didn’t pick up any suspicious activity, it didn’t bother notifying the companies that could be affected by the exploits.
At this point in time, investigators are still looking into the possibility that the operative in question did it on purpose, and that another person might have committed a similar mistake that made the tools more vulnerable. They’re also still confirming whether Shadow Brokers are directly connected to the Russian government. What they’re sure of, however, is that it wasn’t the work of a whistleblower like Edward Snowden and that the hackers didn’t directly infiltrate NSA’s headquarters.