Hacking the hackers? US spy agency at center of apparent breach
Washington (AFP) – The US National Security Agency, which gained international notoriety in 2013 after Edward Snowden revealed its data snooping techniques, has itself become the target of an apparent data breach.
Mysterious hackers calling themselves the “Shadow Brokers” leaked online what appears to be classified NSA computer code.
Several security experts told US media the code appears genuine, and Snowden said “circumstantial evidence” pointed to Russian involvement.
As of Wednesday, the NSA still had not responded to multiple requests for comment.
The hackers over the weekend posted two sets of files, one that is freely accessible and another that remains encrypted.
The Shadow Brokers said they would release this additional information subject to raising 1 million Bitcoins — digital currency, in this case worth about $575 million — through an online auction.
According to the New York Times, much of the code was created to peer through the computer firewalls of foreign powers like Russia, China and Iran.
Such access would enable the NSA to plant malware in rivals’ systems and monitor — or even attack — their networks.
Whoever obtained the code would have had to break into NSA servers that store the files, the Times said.
Former NSA employees who worked at the agency’s hacking division, known as Tailored Access Operations, told the Washington Post the hack appeared genuine.
“Without a doubt, they’re the keys to the kingdom,” one former TAO employee told the Post.
“The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad,” the employee was quoted as saying.
Former NSA contractor Snowden, who has been living in Russia since leaking documents revealing the scope of the agency’s monitoring of private data, said the hack could be a warning to the United States after Democratic presidential nominee Hillary Clinton’s campaign accused Moscow of hacking into Democratic National Committee emails.
“7) Why did they do it? No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack,” Snowden said in a series of more than a dozen tweets about the Shadow Brokers hack.
“8) Circumstantial evidence and conventional wisdom indicates Russian responsibility. Here’s why that is significant:” he added, explaining that the hack could be an effort to influence US officials wondering how aggressively to respond to the DNC hack.
A website initially used by the group to publicize its hack had been taken down as of Wednesday morning.