Procurement News Notice |
|
| PNN | 3882 |
| Work Detail | The NSA hacker team designs the algorithms and malware to monitor digital traffic, penetrate computers and activate anything connected to the internet. Hacking tools apparently purloined from the National Security Agency's cache of cyberweapons and dumped online this week raises troubling questions about the motives and means behind the attack. The Shadow Brokers are now running an open auction for the rest of the Equation Group malware. "This leak is likely a warning that someone can prove United States responsibility for any attacks that originated from this malware server". What this implies is of the utmost severity, for this practice is not unique to the NSA and the recent security breach means "The Shadow Brokers" have probably been sitting on US servers undetected for years. Instead, he told us, the much more likely scenario is that an insider walked out of a secure area with this data on a USB key, which could have been sold or stolen. Our rivals do the same thing to us - and occasionally succeed. The hackers said they were able to detect and hack Equation Group hacker group, which is associated with the NSA. Three of them ? JETPLOW, FEEDTROUGH and BANANAGLEE ? have previously appeared in an NSA compendium of top secret cyber surveillance tools. The Shadow Brokers now say that they have copies of the cyber tools the NSA's group has used in some of its attacks. They released a sample in advance to prove authenticity. Today, Cisco and Fortinet confirmed that exploits for their products published by the hackers were legitimate. This has also since been taken down, but not before being circulated on code-sharing sites like Github. "We'll never know", he said in a message to AP. As of Wednesday, the NSA still had not responded to multiple requests for comment. Cisco said that there are some conditions that must be met in order for the ASA and PIX vulnerability to be exploited successfully. The company said in a blog post that the other vulnerability was fixed in 2011. However, a potentially more alarming issue is what else might have been stolen. At this stage, it's not clear who Shadow Brokers are, but some security researchers are speculating that in the wake of the Democratic National Committee hack, which has been publicly attributed to Russian intelligence agencies by Hillary Clinton, this could be retaliation. With over 24 hours having passed since the auction was made public, the highest bid is at $937.15. There's no real proof for now, but considering the timing and nature of the attack, security experts see the country as a potential backer of the Shadow Brokers. "Faking this information would be monumentally hard; there is just such a sheer volume of meaningful stuff", computer security researcher Nicholas Weaver of the University of California at Berkeley said in an interview. According to another expert, Matt Suiche, co-founder of security start-up Comae Technologies, the stolen sample also shows that network security equipment from different manufacturers and brands - including Cisco Systems, Juniper, Fortigate and Chinese industrial giant Topse - are targeted by Equation. So who are these Shadow Brokers? Although the Shadow Brokers are offering no guarantees with their auction, the sale probably isn't a scam. An anonymous group of hackers known as "The Shadow Brokers" recently posted online the "cyber weapons" NSA hackers reportedly used to hack into other governments' servers. |
| Country | United States , Northern America |
| Industry | Cyber Security |
| Entry Date | 03 Sep 2016 |
| Source | http://yourniskayuna24.com/2016/08/nsa-cyber-weapons-hacked-by-mysterious-shadow-brokers/ |
