In what can referred to as an ongoing crisis for the National Security Agency (NSA) new information has come to light regarding multiple data dumps from a group calling themselves “Shadow Brokers,” which has essentially made tools and software—used by the NSA hacking group Tailored Access Operations (TAO)—useless.
While the breaches in security by the Shadow Brokers is now well known, the consistent publishing of NSA information is a massive concern within the surveillance community. What were supposed to be secret pieces of software that would supposedly help the NSA root out shady and terrorist behaviour, has now fallen into the hands of the very same people.
One of the most notable things that has come from these regular does of NSA information is the strategic loophole or exploit that allowed the notorious WannaCry ransomware attack to happen, which affected over 40,000 computers in a 150 countries.
In a lengthy investigative piece published this week, The New York Times found that while the 2013 leak of NSA secrets by Edward Snowden gained far more media attention, the types of attacks the Shadow Brokers have been able to pull off are far more deadly in both intent and execution. The following excerpt from the NYT piece briefly highlights such severity:
“Mr. Snowden’s cascade of disclosures to journalists and his defiant public stance drew far more media coverage than this new breach. But Mr. Snowden released code words while the Shadow Brokers have released the actual code; if he shared what might be described as the battle plans, they have loosed the weapons themselves.”
While the Shadow Brokers didn’t expose any type of actual surveillance, in the vein of Snowden’s leak, they did nullify the usefulness of NSA generated tools and software, at least to the organization itself. Furthermore, the types of tools and information stolen and consistently released by the Shadow Brokers have already been used to negatively affect thousands of citizens and business with more to be expected in the near future.
Also stated in the NYT article is that despite a 15 month criminal investigation into the leaks by the FBI, no progress has been made to identifying the individuals involved.
You can find the New York Times piece here.