Probe Of Leaked US NSA Hacking Tools Examines Operative's Mistake (reuters.com) 57
Joseph Menn and John Walcott, reporting for Reuters: A U.S. investigation into a leak of hacking tools used by the National Security Agency is focusing on a theory that one of its operatives carelessly left them available on a remote computer and Russian hackers found them, four people with direct knowledge of the probe told Reuters. The tools, which enable hackers to exploit software flaws in computer and communications systems from vendors such as Cisco Systems and Fortinet Inc, were dumped onto public websites last month by a group calling itself Shadow Brokers. The public release of the tools coincided with U.S. officials saying they had concluded that Russia or its proxies were responsible for hacking political party organizations in the run-up to the Nov. 8 presidential election. On Thursday, lawmakers accused Russia of being responsible. Various explanations have been floated by officials in Washington as to how the tools were stolen. Some feared it was the work of a leaker similar to former agency contractor Edward Snowden, while others suspected the Russians might have hacked into NSA headquarters in Fort Meade, Maryland.
Oh geez (Score:2, Funny)
Those gosh darn Russian hackers.
Hanlon's Razor (Score:5, Informative)
Never attribute to malice that which can be explained by incompetence.....
Re: (Score:1)
Don't be so hasty to whitewash any of it. What some call "incompetence" can also be seen as sabotage. Few things are more effective than a bureaucrat committing a *job action*.
Dual_EC_DRBG (Score:5, Insightful)
Bigger picture: you saw how Snowden easily accessed all the NSA secret documents. You read how Dual_EC_DRBG, was an encryption random number generator with a backdoor key that let them strip encryption with as little as 32 bytes of a message.
If they couldn't keep their own tools secret, and couldn't keep their own staff from access to everything (2 million plus US contractors security cleared), then that backdoor key will also have been stolen.
Which means every password sent over networks protected by that encryption are also compromised. But hey, lets not give Snowden a pardon, lets give General Alexander a fat lucrative contract instead.... because...merika!
Re:Dual_EC_DRBG (Score:5, Insightful)
Yup, this is exactly why a government-held "master encryption key for all US-based transactions" must never, ever be allowed to happen. Even the NSA can make mistakes.
Re: (Score:2)
Other agencies wanted domestic or staff information on topics the NSA had no need to question.
So most US internal gov networks are open, plain text for rapid searching. The security thinking is any search on the inside is legal, valid and secure.
The 'couldn't keep thei
Careless to use the tools? (Score:3)
Re: (Score:1)
You never know when you're hacking into some sort of honeypot. A machine they put on the net to attract (governmental) hackers, with constant snapshotting in order to pick up interesting toolkits & exploits that they haven't seen.
Got a unknown backdoor into cisco switches, using some obscure protocol quirk? Some russian lab has a switch with a memory reader connected. Waiting month after month - when the memory changes, the right people are notified. Likewise for a large number of popular products
Re: (Score:2)
The tools will contain portions that have to be placed on the remote machine, because you're trying to execute their payload in a privileged context on that machine.
But didn't this release also include command servers and user manuals? Things which would never be placed on a device which is the target of a compromise, so even if you assume usage of a "bundle", it's unreasonable to think they would be included in it.
This.
There's no way any 'honeypot' or similar tactic is going to obtain the portions of the tools that are never uploaded to a target like user manuals and command server code.
This is simply a combination of CYA and an attempt at psychological manipulation to try to smoke out whomever hacked into NSA HQ and/or leaked these tools.
Hey NSA, it sucks when the hunter becomes the hunted, doesn't it? Your unconstitutional and criminal actions have now placed you at the top of every private and government hacker's
Re: (Score:1)
Local build?
Re: (Score:2)
Now its all in the open? What went wrong with decades of never really been noticed? All that easy access, bulk data moved globally and no trace by the smart people with total access to the networks lost.
Has commercial and consumer cloud AV really gotten that good and responsive that
Re: (Score:2)
Absent the Soviet closed economy, Putin is at least 12 trillion / year short of the necessary national income to pay for a new string of wars.
Where will he get the tools, the raw materials from China, the newest radar / lidar / standing wave receive only tech?
Not for free. And it will take 3 decades to catch up with where we are now
Of course, a few more ignorant spendthrift projects like the F-35 and he can just walk in, waiting for our "superior aircraft" to take a nosedive agai
Re: (Score:2)
Re: elites pimping nostalgia (Score:1)
Re: (Score:2)
George Bush was the only world leader to declare a nuclear first strike policy. The USA has invaded how many countries since the Soviet Union collapsed? How many Russian died fighting over the Crimea when it was part of Russia, how many hundreds of thousand. Seriously in what sane world would any country risk internal revolution trying to stop Don Cossacks from crossing a border to defend their relatives from attacks by Zaphorisian Cossacks (cossacks have the reputation they have because they well and trul
Re: (Score:2)
That other nations can get into networks, stay in, get all kinds of plain text data in bulk, get the data out without been detected. Hours later contractors find all the ip ranges, logs, fully understood and expected code fragments are found intact. The media is full aware of methods, ip's hours later...
Later the insider aspect is f
Cloud services (Score:2)
Rookie epic fail
Next time, remember: there is no such thing as a secure cloud service. Ever.
Re: (Score:2)
Rookie epic fail
Next time, remember: there is no such thing as a secure cloud service. Ever.
I still face-plant every time I have to talk to a non-tech (AND EVEN SOME TECH) persons about what "the cloud" is. It's very simple:
"The Cloud" == a data center [wikipedia.org], or a set of datacenters [wikipedia.org] used to store and/or process information remotely. The word "Cloud" is used to simplify a term that's been in existence since, what, the 1940s?
Those who are given this simple infomration respond with, "Huh? So what is the cloud then?"
Saving face (Score:2)
Scapegoat Du Jour (Score:2, Interesting)
Russian (state sponsored) hackers seem to be the scapegoat du jour. For the past few years, all hacking was attributed to Chinese hackers. Then Donald Trump makes some flippant statement, the news starts talking about the Russian government hacking the DNC and BAM, all hacking is now attributed to Russian hackers.
Did China suddenly stop hacking entirely? Are there no longer any hackers in Romania? Where did the Nigerians go?
Re: (Score:2)
The tools, which enable hackers to exploit... (Score:3, Insightful)
The tools, which enable [salaried government employees] (who don't understand how they work) to exploit software flaws in computer and communications systems (which they also don't fundamentally understand), from [American companies] such as Cisco Systems and Fortinet Inc, (whose customers and reputations and overall integrity they also don't care about), were dumped onto public websites last month by a group calling itself Shadow Brokers.
There, FTFY.
Extremely Careless (Score:2)
Haven't quite figured out.... (Score:1)