After the NSA hack: Cybersecurity in an even more vulnerable world

Kevin Lancaster

MyBroadband Editor
Joined
Apr 4, 2014
Messages
13,564
After the NSA hack: Cybersecurity in an even more vulnerable world

It is looking increasingly likely that computer hackers have in fact successfully attacked what had been the pinnacle of cybersecurity – the U.S. National Security Agency (NSA). A few days ago, reports began emerging of claims by a hacking group called the Shadow Brokers that it had breached the network of, and accessed critical digital content from, computers used by the Equation Group. This attracted more than the usual amount of attention because the Equation Group is widely believed to be a spying element of the NSA.
 

mister

Executive Member
Joined
Jul 21, 2008
Messages
9,044
Awesome news... another step closer to disclosure.
 

j4ck455

Executive Member
Joined
Jan 2, 2006
Messages
6,732
It is possible – perhaps even likely – that Shadow Brokers is a group of hackers linked to the Russian government.

While that is likely, following the urls in the article, one ends up at the following webcache url that appears to have been the original online release made by the Shadow Brokers.

The way that that was written, makes it look like a Chinese person wrote it, although it is equally likely that a Russian person wrote it in a way that makes it look like a Chinese person wrote it.

I seriously doubt that the NSA was hacked directly, it's more likely that an NSA employee had a version of the Equation Group's toolkit on a notebook or flash drive and the toolkit was copied over a compromised public network, for example free Starbucks wifi or something mundane like that.
 

j4ck455

Executive Member
Joined
Jan 2, 2006
Messages
6,732

Edward Snowden was suggesting that a non-NSA server, that the NSA had already hacked, and stored NSA binaries on, for use in another hack (probably already executed), was subsequently hacked by rival hackers, who then copied off the NSA's binaries, and subsequently released them very publicly, instead of just secretly holding on to the binaries.

Snowden, who worked for NSA contractors Dell and Booz Allen Hamilton, has offered some context and a relatively mundane possible explanation for the leak: that the NSA headquarters was not hacked, but rather one of the computers the agency uses to plan and execute attacks was compromised. In a series of tweets, he pointed out that the NSA often lurks on systems that are supposed to be controlled by others, and [highlight]it’s possible someone at the agency took control of a server and failed to clean up after themselves. A regime, hacker group, or intelligence agency could have seized the files and the opportunity to embarrass the agency[/highlight].

The implication in those tweets is that the NSA itself was not hacked.
 

Zoomzoom

Executive Member
Joined
Aug 15, 2014
Messages
5,469
Edward Snowden was suggesting that a non-NSA server, that the NSA had already hacked, and stored NSA binaries on, for use in another hack (probably already executed), was subsequently hacked by rival hackers, who then copied off the NSA's binaries, and subsequently released them very publicly, instead of just secretly holding on to the binaries.



The implication in those tweets is that the NSA itself was not hacked.

TBH I actually don't really care. All I care about is the fallout - whether it is going to make NSA type spying better (as in less, and more transparent, subject to the legal system) or worse (more, more hidden, less subject to legal oversight and restraint).
 

j4ck455

Executive Member
Joined
Jan 2, 2006
Messages
6,732
TBH I actually don't really care. All I care about is the fallout - whether it is going to make NSA type spying better (as in less, and more transparent, subject to the legal system) or worse (more, more hidden, less subject to legal oversight and restraint).

It's naive to think that any country's judicial oversight of any aspect of cyber surveillance will be anywhere near 100% effective, no matter what laws are passed and controls put in place, there will always be a grey area that escapes oversight.

Besides, the very nature of spying in any form, is covert activity that is not constrained by judicial oversight.

It's no secret that the NSA has been spying on anyone and everyone within and outside of the USA, and the same happens in many other countries that are able to spend money on cyber surveillance, in particular (but not limited to) Russia and China.

The "fallout" from what the Shadow Brokers have publicly released will mostly be political posturing and I would be very surprised if the NSA is not working around the clock to find ways of embarrassing Russia when Putin's government says something like "we told you that the NSA's hacking is out of control" because you can bet good money that both Russia and China are just as guilty.

I wouldn't be surprised if the NSA isn't trying very hard to get a Russian or Chinese "Snowden" to defect to the USA and spill the beans like Snowden did.
 

koeksGHT

Dealer
Joined
Aug 5, 2011
Messages
11,858
It's naive to think that any country's judicial oversight of any aspect of cyber surveillance will be anywhere near 100% effective, no matter what laws are passed and controls put in place, there will always be a grey area that escapes oversight.

Besides, the very nature of spying in any form, is covert activity that is not constrained by judicial oversight.

It's no secret that the NSA has been spying on anyone and everyone within and outside of the USA, and the same happens in many other countries that are able to spend money on cyber surveillance, in particular (but not limited to) Russia and China.

The "fallout" from what the Shadow Brokers have publicly released will mostly be political posturing and I would be very surprised if the NSA is not working around the clock to find ways of embarrassing Russia when Putin's government says something like "we told you that the NSA's hacking is out of control" because you can bet good money that both Russia and China are just as guilty.

I wouldn't be surprised if the NSA isn't trying very hard to get a Russian or Chinese "Snowden" to defect to the USA and spill the beans like Snowden did.

Snowden said countries hack each other routinely and USA has been plenty. We are literally in a cold hacking war age.

The internet is inadvertently the largest spying tool created.
 

j4ck455

Executive Member
Joined
Jan 2, 2006
Messages
6,732
Snowden said countries hack each other routinely and USA has been plenty. We are literally in a cold hacking war age.

The internet is inadvertently the largest spying tool created.

State sponsored hacking has been happening since the dawn on The Internet, it's not just something that the NSA started doing a few years ago and it is definitely not just the NSA that does it.

It's also not just about getting access to state secrets (like classified/secret material), it's also economically motivated (state sponsored industrial espionage) especially in the case of China which has both legally and illegally obtained intellectual property from companies everywhere.
 
Last edited:

koeksGHT

Dealer
Joined
Aug 5, 2011
Messages
11,858
State sponsored hacking has been happening since the dawn on The Internet, it not just something that the NSA started doing a few years ago and it is definitely not just the NSA that does it.

It's also not just about getting access to state secrets (like classified/secret material), it's also economically motivated (state sponsored industrial espionage) especially in the case of China which has both legally and illegally obtained intellectual property from companies everywhere.

Yep, if you cast the net large enough you are bound to catch sloppy mistakes humans routinely make.
 

Zoomzoom

Executive Member
Joined
Aug 15, 2014
Messages
5,469
State sponsored hacking has been happening since the dawn on The Internet, it's not just something that the NSA started doing a few years ago and it is definitely not just the NSA that does it.

It's also not just about getting access to state secrets (like classified/secret material), it's also economically motivated (state sponsored industrial espionage) especially in the case of China which has both legally and illegally obtained intellectual property from companies everywhere.

Yes but previously if you were basically joe soap citizen you had a reasonable chance of flying under the radar, and the West at least pretended it wasn't overtly spying on all its citizens like the communist regimes have done. Not to mention the sheer difficulty of managing data by hand put natural limits on much effort was expended on targets just in case they might do something. These days - who or what is exempt? Look at the system the UK is putting in place. Despite the few bleats of concern, which they will just ignore, it will happen. And they will have a massive database of everything you do that is in a public place to be caught on camera, or recorded.

It is extremely worrying. Freedom is under threat from every side in the name of 'safety'. We are going to give away our rights, and walk like sheep into the gas chamber of totalitarianism for a false sense of safety.

And when, not if, it happens, I will take no pleasure in saying I told you so.
 

Arthur

Honorary Master
Joined
Aug 7, 2003
Messages
25,794
Wheels within wheels.

It's just as possible that they set up this "hack" with breadcrumbs to see who exactly is behind it...
 

j4ck455

Executive Member
Joined
Jan 2, 2006
Messages
6,732
Yes but previously if you were basically joe soap citizen you had a reasonable chance of flying under the radar, and the West at least pretended it wasn't overtly spying on all its citizens like the communist regimes have done. Not to mention the sheer difficulty of managing data by hand put natural limits on much effort was expended on targets just in case they might do something. These days - who or what is exempt? Look at the system the UK is putting in place. Despite the few bleats of concern, which they will just ignore, it will happen. And they will have a massive database of everything you do that is in a public place to be caught on camera, or recorded.

It is extremely worrying. Freedom is under threat from every side in the name of 'safety'. We are going to give away our rights, and walk like sheep into the gas chamber of totalitarianism for a false sense of safety.

And when, not if, it happens, I will take no pleasure in saying I told you so.

News flash: the perceived freedoms you believe will be taken away from you, have already been taken away from you.

In SA, RICA has been in place for some time and it's not just for registering SIM cards, it is for interception of communications and the interception measures the act enabled have already been abused numerous times without proper judicial consent and oversight.

In the past, people enjoyed privacy by default, all of that has changed: by default we no longer enjoy any measure of privacy especially where The Internet is concerned.

It is the responsibility of individuals to secure their own communications, if for no other reason than to force intelligence gathering to stop relying entirely on invasive hacking which is also vulnerable to misinformation that has been planted.
 

Zoomzoom

Executive Member
Joined
Aug 15, 2014
Messages
5,469
News flash: the perceived freedoms you believe will be taken away from you, have already been taken away from you.

In SA, RICA has been in place for some time and it's not just for registering SIM cards, it is for interception of communications and the interception measures the act enabled have already been abused numerous times without proper judicial consent and oversight.

In the past, people enjoyed privacy by default, all of that has changed: by default we no longer enjoy any measure of privacy especially where The Internet is concerned.

It is the responsibility of individuals to secure their own communications, if for no other reason than to force intelligence gathering to stop relying entirely on invasive hacking which is also vulnerable to misinformation that has been planted.

I'm well aware they have already covertly been taken away - but the next step is to slowly shift the surveillance from covert to overt. From 'we are hunting for terrorists' to 'we are hunting criminals' and the next step after that is so-called 'enemies of the state' which will at that stage pretty much mean anyone who complains. Just like it was in the worst days in Russia and in East Germany with the Stasi.

Imagine this expanded a billion-fold in the internet age of information:

http://www.spiegel.de/international...ance-went-far-beyond-the-stasi-a-1042883.html

We are already at the stage where one must self-censor what you say online.
 
Last edited:
Top