After decades of merrily hacking into other people’s computers and snooping on people’s emails, it appears that the NSA has been hacked.
A group of hackers are trying to auction off malware that the spy organization has been using to spy on the rest of us:
A mysterious online group calling itself “The Shadow Brokers” is claiming to have penetrated the National Security Agency, stolen some of its malware, and is auctioning off the files to the highest bidder.
The authenticity of the files cannot be confirmed, but they appear to be legitimate, according to security researchers who have studied their content. Their release comes on the heels of a series of disclosures of emails and documents belonging mostly to Democratic officials, but also to Republicans. Security researchers believe those breaches were perpetrated by agents thought to be acting on behalf of Moscow.
The NSA did not answer Foreign Policy’s questions about the alleged breach on Monday. But if someone has managed to penetrate the American signals intelligence agency and post its code online for the world to see — and purchase — it would constitute a historic black eye for the agency.
………
The files posted over the weekend include two sets of files. The hackers have made one set available for free. The other remains encrypted and is the subject of an online auction, payable in bitcoin, the cryptocurrency. That set includes, according to the so-called Shadow Brokers, “the best files.” If they receive at least 1 million bitcoin — the equivalent of at least $550 million — they will post more documents and make them available for free.
The set of files available for free contains a series of tools for penetrating network gear made by Cisco, Juniper, and other major firms. Targeting such gear, which includes things like routers and firewalls, is a known tactic of Western intelligence agencies like the NSA, and was documented in the Edward Snowden files. Some code words referenced in the material Monday — BANANAGLEE and JETPLOW — match those that have appeared in documents leaked by Snowden. Security researchers analyzing the code posted Monday say it is functional and includes computer codes for carrying out espionage.
If this hack is real, my guess is that they got in through backdoors that the NSA itself insisted on.