Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
United States Government Privacy

Probe Of Leaked US NSA Hacking Tools Examines Operative's Mistake (reuters.com) 57

Joseph Menn and John Walcott, reporting for Reuters: A U.S. investigation into a leak of hacking tools used by the National Security Agency is focusing on a theory that one of its operatives carelessly left them available on a remote computer and Russian hackers found them, four people with direct knowledge of the probe told Reuters. The tools, which enable hackers to exploit software flaws in computer and communications systems from vendors such as Cisco Systems and Fortinet Inc, were dumped onto public websites last month by a group calling itself Shadow Brokers. The public release of the tools coincided with U.S. officials saying they had concluded that Russia or its proxies were responsible for hacking political party organizations in the run-up to the Nov. 8 presidential election. On Thursday, lawmakers accused Russia of being responsible. Various explanations have been floated by officials in Washington as to how the tools were stolen. Some feared it was the work of a leaker similar to former agency contractor Edward Snowden, while others suspected the Russians might have hacked into NSA headquarters in Fort Meade, Maryland.
This discussion has been archived. No new comments can be posted.

Probe Of Leaked US NSA Hacking Tools Examines Operative's Mistake

Comments Filter:
  • Oh geez (Score:2, Funny)

    by Anonymous Coward

    Those gosh darn Russian hackers.

  • Hanlon's Razor (Score:5, Informative)

    by ColdWetDog ( 752185 ) on Friday September 23, 2016 @11:47AM (#52947437) Homepage

    Never attribute to malice that which can be explained by incompetence.....

    • Don't be so hasty to whitewash any of it. What some call "incompetence" can also be seen as sabotage. Few things are more effective than a bureaucrat committing a *job action*.

  • Dual_EC_DRBG (Score:5, Insightful)

    by Anonymous Coward on Friday September 23, 2016 @11:49AM (#52947443)

    Bigger picture: you saw how Snowden easily accessed all the NSA secret documents. You read how Dual_EC_DRBG, was an encryption random number generator with a backdoor key that let them strip encryption with as little as 32 bytes of a message.

    If they couldn't keep their own tools secret, and couldn't keep their own staff from access to everything (2 million plus US contractors security cleared), then that backdoor key will also have been stolen.

    Which means every password sent over networks protected by that encryption are also compromised. But hey, lets not give Snowden a pardon, lets give General Alexander a fat lucrative contract instead.... because...merika!

    • Re:Dual_EC_DRBG (Score:5, Insightful)

      by 93 Escort Wagon ( 326346 ) on Friday September 23, 2016 @03:28PM (#52949065)

      Yup, this is exactly why a government-held "master encryption key for all US-based transactions" must never, ever be allowed to happen. Even the NSA can make mistakes.

    • by AHuxley ( 892839 )
      The internal NSA networks are open to staff, other agencies, random contractors for a reason. So many had projects to run that securing it all would have slowed down. It was sold as a new decade of searches, help, access by contractors.
      Other agencies wanted domestic or staff information on topics the NSA had no need to question.
      So most US internal gov networks are open, plain text for rapid searching. The security thinking is any search on the inside is legal, valid and secure.
      The 'couldn't keep thei
  • by laughingskeptic ( 1004414 ) on Friday September 23, 2016 @11:52AM (#52947463)
    The operative's job requires them to place their tools on remote machines. That is how you make progress on a hack. I'm guessing they had a 'favorite' bundle that they deployed rather than trying tools one at a time like they were probably supposed to.
    • by AHuxley ( 892839 )
      Strange that for decades no other admins, system workers, network designers, skilled top academics, telco staff, the private sector or other gov's ever noticed and published details about staging servers and methods found.
      Now its all in the open? What went wrong with decades of never really been noticed? All that easy access, bulk data moved globally and no trace by the smart people with total access to the networks lost.
      Has commercial and consumer cloud AV really gotten that good and responsive that
  • Rookie epic fail

    Next time, remember: there is no such thing as a secure cloud service. Ever.

    • Rookie epic fail

      Next time, remember: there is no such thing as a secure cloud service. Ever.

      I still face-plant every time I have to talk to a non-tech (AND EVEN SOME TECH) persons about what "the cloud" is. It's very simple:

      "The Cloud" == a data center [wikipedia.org], or a set of datacenters [wikipedia.org] used to store and/or process information remotely. The word "Cloud" is used to simplify a term that's been in existence since, what, the 1940s?

      Those who are given this simple infomration respond with, "Huh? So what is the cloud then?"

  • the russians cant hack our shit they just found it laying around when someone left them on the shared global spy server. they aint /that/ good.
  • Scapegoat Du Jour (Score:2, Interesting)

    by Anonymous Coward

    Russian (state sponsored) hackers seem to be the scapegoat du jour. For the past few years, all hacking was attributed to Chinese hackers. Then Donald Trump makes some flippant statement, the news starts talking about the Russian government hacking the DNC and BAM, all hacking is now attributed to Russian hackers.

    Did China suddenly stop hacking entirely? Are there no longer any hackers in Romania? Where did the Nigerians go?

  • by Narcocide ( 102829 ) on Friday September 23, 2016 @01:19PM (#52948069) Homepage

    The tools, which enable [salaried government employees] (who don't understand how they work) to exploit software flaws in computer and communications systems (which they also don't fundamentally understand), from [American companies] such as Cisco Systems and Fortinet Inc, (whose customers and reputations and overall integrity they also don't care about), were dumped onto public websites last month by a group calling itself Shadow Brokers.

    There, FTFY.

  • C'mon people... get it right. It's "extremely careless" and you're off the hook, no charges will be recommended.
  • ....who we can blame this one on yet?

The 11 is for people with the pride of a 10 and the pocketbook of an 8. -- R.B. Greenberg [referring to PDPs?]

Working...