Are you currently experiencing an attack?

Are you currently experiencing an attack?

For Sale (to Anybody): Powerful NSA Hacking Tools

Last August, a group calling itself the Shadow Brokers claimed that they had stolen a variety of sophisticated cyberweapons — malware, private exploits, etc. — from the U.S. National Security Agency (NSA).

Whether or not these hackers were the actual thieves (probably not), or just obtained the tools from somebody within the NSA (more likely), the software they have is the real thing.

At first, they put the goods up for sale through an auction. This wasn’t successful. So, last month they started offering the hacking tools for direct sale on the deep web.

We’ve written before about the dangers of government-sponsored hacking. Agencies such as the NSA have access to massive levels of funding, and enormous talent pools. The NSA in particular is believed to be responsible for some of the most sophisticated malware in the world, including Stuxnet, EquationNet, and GrayFish.

National agencies are constantly pushing forward the boundaries of what’s possible with hacking, cyberwarfare, etc. And eventually, it will all get leaked, and be available to the world’s cybercriminals.

According to reports, the Shadow Brokers affair has caused a lot of consternation within government circles. (The word “panic” was used.) But this is not an isolated incident. It’s merely the latest in a continual series of compromises of the NSA.

As a world leader in cyberwarfare, the NSA is a constant target of hostile espionage that’s aggressive, relentless, and very often successful. Ever since its founding in 1952, the NSA has been compromised with alarming frequency.

In the late 1950s, NSA cryptologists William Martin and Bernon Mitchell spied for the Soviet Union, and then defected. In the early 1960s, Army Sergeant First Class Jack Dunlap, the personal driver of the NSA chief of staff, was also a spy for the Kremlin. In the mid-1960s, NSA clerk Robert Lipka supplied his KGB handlers with a steady stream of top-secret documents, including daily and weekly White House reports and inter-ally NATO communications.

After that, the U.S. Navy surveillance ship U.S.S. Pueblo was captured by North Korea, due to another traitorous spy named John Anthony Walker. Its top-secret NSA code machines could now be studied by Soviet-bloc countries. Then in the early 1980s, NSA analyst Ronald Pelton betrayed top-secret surveillance programs to the KGB. The list goes on and on.

In recent times, the FBI’s “Operation Ghost Stories” (which unmasked ten agents of the Russian Foreign Intelligence Service operating in the United States), also revealed that there is still one or more Russian moles active within the NSA. And of course, Edward Snowden famously took and publicly released thousands of classified NSA documents.

Yet another agency compromise was discovered in August 2016. Former NSA contractor Harold Martin III was caught with 50 terabytes of classified material in his home. Although he was initially reported to be the source of the Shadow Brokers leak, investigators are now “skeptical” that it was him. Which would mean that there is still at least one active mole within the agency.

Here’s why this is important. The NSA — the developer of the most powerful malware in the world — has a dismal record of keeping its data secure. It seems that whatever hacking tools it creates, and whatever new exploit techniques it discovers, will all find their way into the wild eventually.

So, this means that the world’s hackers, organized computer crime rings, and other cybercriminals will have them too.

Meanwhile, other nations (such as China and Russia) are developing their own cyberattack tools. These tools are (perhaps) less likely to be stolen and leaked than those from the NSA. But they are more likely to be used by their creators directly against Western organizations.

Summary of all the above: You should approach web security as if the most powerful governments in the world are developing hacking software to use against you.

Because in a sense, they are.

Photo credit: jarmoluk

Get your price quote

Fill out your email below, and we will send you a price quote tailored to your needs

This website uses cookies to ensure you get the best experience on our website.