By Mariah McCloskey
A mysterious group of hackers, calling itself the Shadow Brokers, stole a few disks full of National Security Agency secrets in 2013. They have waited to unleash those disks’ secrets onto the Internet – until now.
The Atlantic reports that this hacking group “has publicly embarrassed the NSA and damaged its intelligence-gathering capabilities,” hurting not only the NSA, but the reputation of the United States. But they do more than just damage reputations; the report continues by stating that the Shadow Brokers have leaked information and harmed government organizations, “while at the same time have put sophisticated cyberweapons in the hands of anyone who wants them.”
The Shadow Brokers group offered multiple new alleged attack tools for sale via ZeroNet, a peer-to-peer encrypted network. Data Breach Today states, “The tools include exploits and software implants obtained from the Equation Group, which is the nickname for an advanced hacking group that experts say is likely the NSA’s Tailored Access Operations team.”
Although, as Data Breach Today states, researchers also don’t believe that the Shadow Brokers has suddenly released these files in an attempt to turn a profit. “If the Shadow Brokers were trying to make a profit, the exploits would have been offered shortly after July 2013, when the information would have been most valuable.”
The hacking group first appeared to the public in the summer of 2016, exposing some of NSA’s most guarded hacking tools. In total, the group has published four sets of NSA material, but the Atlantic reports that, “Looking at the time stamps on the files and other material, they all come from around 2013.” Although, the Shadow Brokers could date back even further than that. According to the International Business Times, “some of the exploits date back to the 1990s and most of them focus on Linux based systems.”
The personal computer distribution database created in 1991, quickly became one of the leading operating systems and now has “the largest installed base of all general-purpose operating systems,” according to Net MarketShare. Linux is now used in most Android and Smartphone operating systems, giving the Shadow Brokers the ability to grow with it.
The break has exposed vulnerabilities in Linux mail servers and “provided the exploit that the authors of the WannaCry ransomware used to infect an estimated 400,000 computers in more than 150 countries,” Naked Security reports. This means the Shadow Brokers have created one of the world’s largest ransomware outbreak in history.
But for those wondering how they were able to breach the NSA database and take this information, the answer is no one knows.
There have been a wide range of investigations by the NSA’s counterintelligence arm, known as Q Group, and the F.B.I., but the New York Times reports that, “officials still do not know whether the N.S.A. is the victim of a brilliantly executed hack, with Russia as the most likely perpetrator, an insider’s leak, or both.”
“These leaks have been incredibly damaging to our intelligence and cyber capabilities,” Leon E. Panetta, the former defense secretary and director of the Central Intelligence Agency says to the New York Times. “The fundamental purpose of intelligence is to be able to effectively penetrate our adversaries in order to gather vital intelligence. By its very nature, that only works if secrecy is maintained and our codes are protected.”
Contrary to popular belief, this attack is not similar to the exposure of the NSA by Edward Snowden. According to the New York Times, Snowden released code words, while the Shadow Brokers have released the actual code. The Shadow Brokers “did not expose illegal surveillance, but it made the hacking tools used by the NSA worthless,” Naked Security continues. The hack undermined NSA’s “reputation that it could effectively guard its secrets.”