
Edward Snowden Sheds Light on Shadow Brokers

By David Jones TechNewsWorld ECT News Network
Aug 18, 2016 7:00 AM PT

NSA whistle-blower Edward Snowden on Tuesday injected himself into an escalating cyberstruggle that could affect the U.S. presidential election.

The reported hack of The Equation Group might have been a warning shot from Russia, Snowden claimed.

The group, which is widely believed to be a front operation for the NSA, apparently was hacked over the weekend by a previously unknown outfit called the "Shadow Brokers," which then claimed to have valuable files in its possession that would be available to the highest bidder.

The group posted a free preview of its alleged stash on Tumblr, in a broken-English post that later was deleted. A cached version of the page, as it appeared on Monday, was still accessible as of Wednesday evening.

The Shadow Brokers could provide additional access to Equation Group tools, according to the post, and if the auction were to raise 1 million bitcoins, then the group would dump more files for free.

Cisco's Response

Cisco's Product Security Incident Response Team investigated the information published by the Shadow Brokers, and identified two vulnerabilities affecting Cisco ASA devices that required customer attention, according to PSIRT spokesperson Yvonne Malmgren.

The company issued two security advisories -- one for a newly found defect and one for a defect that was found and fixed in 2011, she told TechNewsWorld.

The advisories include free software updates and workarounds.

Warning Shot

Snowden said in a series of tweets that "circumstantial evidence and conventional wisdom" pointed to the Russians as being behind the hack.

The FBI is investigating those attacks.

There appear to be several hundred tools in the Shadow Brokers' leak that have "strong connections" to Equation Group malware tools, according to an analysis by Kaspersky Lab's global research and analysis team, which early last year uncovered links between The Equation Group and the NSA.

For example, there are more than 300 files in the Shadow Brokers archive that implement the same specific variation of the RC6 encryption algorithm that has been used by Equation over the years, according to Kaspersky, and it's highly unlikely that it was faked.

Credible Leak

The leaked information appears credible, in part based on the information revealed in the 2013 disclosures related to the NSA by Snowden, said Andrea Castillo, program manager for the Technology Policy Program at George Mason University's Mercatus Center.

"Given the quantity and quality of the dumped data, it does appear to be a valid leak," she told TechNewsWorld. "Some of the tools corroborate techniques that we have already learned about through the Snowden leaks."

However, there are concerns about the idea that the NSA can fall victim to this sort of counterhack, Castillo said.

"Now that these exploits are public, software and service providers will be able to patch up the vulnerabilities that the NSA had been apparently relying upon," she noted.

Publicizing the exploits probably was not the primary driver behind the attack, Castillo said. More likely, it was a demonstration of power by a state-backed or otherwise well-funded hacking organization.

David Jones is a freelance writer based in Essex County, New Jersey. He has written for Reuters, Bloomberg, Crain's New York Business and The New York Times.
