After an unknown hacking group released hacking tools from the National Security Agency, top-notch tech companies around the world are scrambling to patch their systems and software to protect themselves and their customers from attacks.
An unknown group of hackers, the Shadow Brokers, dumped data online last weekend and claimed to have stolen it from the Equation Group, a top-of-the-line APT believed to be associated with the NSA. The data dump affected products from firewall makers Cisco and Fortinet.
While the anonymous group's origin is unknown, cyber security experts have authenticated the cache of hacking tools, which appear to have been developed by the NSA for its more controversial activities: surveilling, spying and hacking. Computer security analysts who have studied the files are mostly convinced they came from the agency.
The Shadow Brokers said they had more such files, which they would sell to the highest bidder. So far, the Shadow Brokers have released about 300 megabytes of data comprising a total of over 50 attack tools that would let attackers bypass firewalls that organizations rely on to defend against external attacks.
A former NSA employee recognized details in the leaked files.
The revelation has once again raised the tension between the two sides of the NSA's dual mission: breaking into computer networks overseas in search of useful intelligence about foreign governments and terrorists, and helping protect America's networks against foreign spies and other hackers.
Now that the custom-made malware has been made available online, American corporations are relying on cyber security to defend against digital attacks from criminals and spies.
Now, many cyber security experts are asking why the NSA would stockpile so many of these kinds of security vulnerabilities without telling the affected companies.
“The policy question we have to ask ourselves is what’s an acceptable amount of time for the NSA to keep these exploits exclusively, before being legally compelled to disclose them,” says Jeremiah Grossman, head of security strategy at cyber security firm SentinelOne.
The leak also raises questions about the nature of nation-state hacking, and how much spy agencies know about flaws in software that they aren’t revealing to tech companies and the public.