NSA Hacked, Vulnerabilities Exposed
Over the weekend, a large data dump by a group calling itself the “Shadow Brokers” claimed to have stolen from the Equation Group, a hacking team that is believed to be associated with the National Security Agency.
The mysterious group posted a to their website, revealing some of the files they obtained and promising other, “better” files available to the highest bidder. The released files seem obtain top-secret computer code that the Equation Group has used to break into the networks of foreign governments and other espionage targets.
The code released was designed to break through network firewalls and get inside the computer systems of competitors like Russia, China and Iran. In turn, the NSA can place “implants” in the system, which allows them to lurk around unseen for years. This implant can help to monitor network traffic or even enable a debilitating computer attack.
The hack is a particularly bad one, as if the code is authentic, the Shadow Brokers have revealed that America’s top operatives have been hacked and their methods exposed.
Firewall markers Cisco and Fortinet have now confirmed the vulnerabilities included in the dump affected their products, a disclosure that lends credence to the theory that the Equation Group is indeed a NSA operation.
Cisco said in a security advisory that two vulnerabilities in the Shadow Brokers’ data could be used to breach its Adaptive Security Appliance software used in its firewalls.
“An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system,” Cisco’s statement said.
Fortinet also said that some of its products released prior to August 2012 contained a vulnerability that would allow an attacker to take execution control over a firewall.
Meanwhile, the Shadow Brokers also claim that their exploits will work on firewalls from Juniper Networks and TopSec, but neither company has publicly acknowledged the leak. The Shadow Brokers say they have additional yet-to-be-released exploits and are offering the data for sale in a Bitcoin auction. The group is asking for 1 million bitcoins (around $568 million at current rates), but the auction has yet to receive any significant bids.