Hacking

Edward Snowden Sheds Light on Shadow Brokers

NSA whistle-blower Edward Snowden on Tuesday injected himself into an escalating cyberstruggle that could affect the U.S. presidential election.

The reported hack of The Equation Group might have been a warning shot from Russia, Snowden claimed.

The group, which is widely believed to be a front operation for the NSA, apparently was hacked over the weekend by a previously unknown outfit called the “Shadow Brokers,” which then claimed to have valuable files in its possession that would be available to the highest bidder.

The group posted a free preview of its alleged stash on Tumblr, in a broken-English post that later was deleted. A cached version of the page, as it appeared on Monday, was still accessible as of Wednesday evening.

The Shadow Brokers could provide additional access to Equation Group tools, according to the post, and if the auction were to raise 1 million bitcoins, then the group would dump more files for free.

Cisco’s Response

Cisco’s Product Security Incident Response Team investigated the information published by the Shadow Brokers, and identified two vulnerabilities affecting Cisco ASA devices that required customer attention, according to PSIRT spokesperson Yvonne Malmgren.

The company issued two security advisories — one for a newly found defect and one for a defect that was found and fixed in 2011, she told TechNewsWorld.

The advisories include free software updates and workarounds.

Warning Shot

Snowden said in a series of tweets said that “circumstantial evidence and conventional wisdom” pointed to the Russians as being behind the hack.

9) This leak is likely a warning that someone can prove US responsibility for any attacks that originated from this malware server.

— Edward Snowden (@Snowden) August 16, 2016

11) Particularly if any of those operations targeted elections.

— Edward Snowden (@Snowden) August 16, 2016

The FBI is investigating those attacks.

There appear to be several hundred tools in the Shadow Brokers’ leak that have “strong connections” to Equation Group malware tools, according to an analysis by Kaspersky Lab’s global research and analysis team, which early last year uncovered links between The Equation Group and the NSA.

For example, there are more than 300 files in the Shadow Brokers archive that implement the same specific variation of the RC6 encryption algorithm that has been used by Equation over the years, according to Kaspersky, and it’s highly unlikely that it was faked.

Credible Leak

The leaked information appears credible, in part based on the information revealed in the 2013 disclosures related to the NSA by Snowden, said Andrea Castillo, program manager for the Technology Policy Program at George Mason University’s Mercatus Center.

“Given the quantity and quality of the dumped data, it does appear to be a valid leak,” she told TechNewsWorld. “Some of the tools corroborate techniques that we have already learned about through the Snowden leaks.”

However, there are concerns about the idea that the NSA can fall victim to this sort of counterhack, Castillo said.

“Now that these exploits are public, software and service providers will be able to patch up the vulnerabilities that the NSA had been apparently relying upon,” she noted.

Publicizing the exploits probably was not the primary driver behind the attack, Castillo said. More likely, it was a demonstration of power by a state-backed or otherwise well-funded hacking organization.

David Jones is a freelance writer based in Essex County, New Jersey. He has written for Reuters, Bloomberg, Crain's New York Business and The New York Times.

1 Comment

  • I think this election year you have two candidates very much hated by a number of powerful people and organizations. Trumps stirs the pot against the establishment and Hillary is a prime example of a person who is nothing but establishment. It’s why you even see some GOP members threatening to vote for Clinton. I mean, would you want a outsider to ruffle some feathers? Or an insider who simply plays for the other team? Clearly even for the liberal media they seem to already feel that the average people shouldn’t have a say in government. That government knows best and allowing these deals to happen get’s things done. But as Snowden knows all too well, that government control can be dangerous. I actually think if nothing more Trump could be a buffer for the people against the establishment. From my point of view their is way more on Clinton than on Trump so far. That may change, but picking on what Trump says vs what Hillary and Bill have done that reinforces the establishment shady dealings. May sway many voters to pick Trump purely on anti establishment principals.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by David Jones
More in Hacking

Technewsworld Channels