NSA Hacked, Vulnerabilities Exposed

NSA Hacked, Vulnerabilities Exposed

Over the weekend, a large data dump by a group calling itself the “Shadow Brokers” claimed to have stolen from the Equation Group, a hacking team that is believed to be associated with the National Security Agency.

The mysterious group posted a to their website, revealing some of the files they obtained and promising other, “better” files available to the highest bidder. The released files seem obtain top-secret computer code that the Equation Group has used to break into the networks of foreign governments and other espionage targets.

The code released was designed to break through network firewalls and get inside the computer systems of competitors like Russia, China and Iran. In turn, the NSA can place “implants” in the system, which allows them to lurk around unseen for years. This implant can help to monitor network traffic or even enable a debilitating computer attack.

The hack is a particularly bad one, as if the code is authentic, the Shadow Brokers have revealed that America’s top operatives have been hacked and their methods exposed.

Firewall markers Cisco and Fortinet have now confirmed the vulnerabilities included in the dump affected their products, a disclosure that lends credence to the theory that the Equation Group is indeed a NSA operation.

Cisco said in a security advisory that two vulnerabilities in the Shadow Brokers’ data could be used to breach its Adaptive Security Appliance software used in its firewalls.

“An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system,” Cisco’s statement said.

Fortinet also said that some of its products released prior to August 2012 contained a vulnerability that would allow an attacker to take execution control over a firewall.

Meanwhile, the Shadow Brokers also claim that their exploits will work on firewalls from Juniper Networks and TopSec, but neither company has publicly acknowledged the leak. The Shadow Brokers say they have additional yet-to-be-released exploits and are offering the data for sale in a Bitcoin auction. The group is asking for 1 million bitcoins (around $568 million at current rates), but the auction has yet to receive any significant bids.

Featured

New Products

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.