[NEWSFLASH] An Egregious Blunder
Some of the most powerful hacking tools, apparently developed by the National Security Agency’s elite cyber-espionage group, have been leaked online, creating an enormous threat to the security of the entire Internet and everyone who uses it. Governments, corporations, and yes, you, must now deal with the possibility that anyone could have these super-spy tools and start using them. Read on…
NSA Hacking Tools Leaked
A file containing a trove of programs with names like EpicBanana, BuzzDirection and EgregiousBlunder appeared online over the weekend of August 13-14, reports the Washington Post. Two former employees of the NSA’s hacking division, known as the Tailored Access Operations (TAO), examined the files and deemed them real.
“Without a doubt, they’re the keys to the kingdom,” said one. “The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad.” “From what I saw, there was no doubt in my mind that it was legitimate,” the second TAO alumnus told the Post.
More than 300 megabytes of data included zero-day exploits, which the NSA has long been suspected of keeping to itself instead of sharing them with hardware and software developers so the vulnerabilities could be patched. The exploits target enterprise-grade firewalls made by the likes of Cisco and Fortinet. They would enable an attacker to penetrate private networks and the public networks of ISPs. Other tools in this Pandora’s box can be used to vacuum up mass quantities of data from compromised computers.
Whoever put the NSA’s tools on a public server now knows the vulnerabilities that the spy agency has discovered over decades of intensive research with a practically unlimited budget. The culprit also knows what entities the NSA has been targeting, and exactly where the agency has penetrated corporate, government, and other networks.
The Post speculates that a foreign spy agency may have snatched and leaked the NSA files in an effort to embarrass the agency and provoke Congress to impose restraints on the NSA’s hacking program. Indeed, the discovery of zero-day exploits in the leaked files confirms that the NSA has compromised everyone’s security in pursuit of its mission, and that may well lead to Congressional action.
Hacking the Hackers
This is not the first time that top-secret NSA hacking tools have ended up on a public server, according to one of the TAO alumni who spoke with the Post. NSA hacker team members, he explained, sometimes uploaded sensitive tools to public servers in error. “What’s unprecedented is to not realize you made a mistake,” he said. “You would recognize, ‘Oops, I uploaded that set’ and delete it.” Only this time, it probably wasn’t a mistake, but a deliberate leak.
A mysterious group calling themselves the “Shadow Brokers” published a ranting manifesto that claimed responsibility for the NSA leak and promoted an “auction” of its secrets to the highest bidder, who would probably be a foreign government. The security establishment is skeptical of the group’s claims and calls an auction “impractical.” Many, including Edward Snowden himself, are pointing fingers at Russia as the culprit.
The theory is this leak might be a “warning shot” aimed at the U.S. government by Russia, showing us what the latter is capable of doing if accusations that Russia is interfering in U.S. election politics continue. I find that theory hard to believe.
To me it seems much more likely that this was an inside job, like Ed Snowden’s theft of top-secret communications and leaking of them to Wikileaks. Its purpose would be to further expose the extent of the NSA’s cyber-spying capabilities and provoke action to limit them.
But the result is truly terrible for everyone who uses the Internet. Now we have much more to worry about than the NSA. Hardware and software vendors are scrambling to address this issue. But until they do, the entire Internet, including your home network connected to it, could be compromised by low-skilled anonymous hackers based anywhere in the world.
A (thin) Silver Lining?
One bright spot in this mess is that Cisco's newest routers (the PIX 7.0 models) are not vulnerable to these hacking tools. But there are over 15,000 older Cisco routers still operating all over the world. These "electronic lock pickers" also don’t target $50 consumer-grade routers, but those are a thin line of defense against state-sponsored cyber-attacks.
Another good thing: this leak drives a stake right through the heart of FBI Director James Comey’s “you can trust us” argument for legislation that would require Internet hardware and software makers to provide back doors into encrypted communication systems. Forget about it, Jimmy... the NSA just proved that no government agency can be trusted with that power.
Stay tuned for more on this debacle, and keep your computer and home network buttoned up as tightly as can be.
This article was posted by Bob Rankin on 23 Aug 2016
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- [NEWSFLASH] An Egregious Blunder (Posted: 23 Aug 2016)