Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Hacking the Hackers? US Spy Agency at Center of Apparent Breach

The US National Security Agency, which gained international notoriety in 2013 after Edward Snowden revealed its data snooping techniques, has itself become the target of an apparent data breach.

The US National Security Agency, which gained international notoriety in 2013 after Edward Snowden revealed its data snooping techniques, has itself become the target of an apparent data breach.

Mysterious hackers calling themselves the “Shadow Brokers” leaked online what appears to be classified NSA computer code.

Several security experts told US media the code appears genuine, and Snowden said “circumstantial evidence” pointed to Russian involvement.

As of Wednesday, the NSA still had not responded to multiple requests for comment. The hackers over the weekend posted two sets of files, one that is freely accessible and another that remains encrypted.

The Shadow Brokers said they would release this additional information subject to raising 1 million Bitcoins — digital currency, in this case worth about $575 million — through an online auction.

According to the New York Times, much of the code was created to peer through the computer firewalls of foreign powers like Russia, China and Iran.

Such access would enable the NSA to plant malware in rivals’ systems and monitor — or even attack — their networks.

Whoever obtained the code would have had to break into NSA servers that store the files, the Times said.

Former NSA employees who worked at the agency’s hacking division known as Tailored Access Operations told the Washington Post the hack appeared genuine.

“Without a doubt, they’re the keys to the kingdom,” one former TAO employee told the Post.

“The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad,” the employee was quoted as saying.

Former NSA contractor Snowden, who has been living in Russia since leaking documents revealing the scope of the agency’s monitoring of private data, said the hack could be a warning to the United States after Democratic presidential nominee Hillary Clinton’s campaign accused Moscow of hacking into Democratic National Committee emails.

“Why did they do it? No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack,” Snowden said in a series of more than a dozen tweets about the Shadow Brokers hack.

“Circumstantial evidence and conventional wisdom indicates Russian responsibility. Here’s why that is significant:” he added, explaining that the hack could be an effort to influence US officials wondering how aggressively to respond to the DNC hack.

A website initially used by the group to publicize its hack had been taken down as of Wednesday morning.

Related: “Shadow Brokers” Claim Hack of NSA-Linked Equation Group

Related: Report Connects Elite Hacking Group to NSA-Linked Cyberweapons

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...

Cyberwarfare

While cyber eyes are trained on Russia, we should remember that it is not the West’s only cyber adversary. China, Iran, and North Korea...