NSA Hacked, Vulnerabilities Exposed

NSA Hacked, Vulnerabilities Exposed

Over the weekend, a large data dump by a group calling itself the “Shadow Brokers” claimed to have stolen from the Equation Group, a hacking team that is believed to be associated with the National Security Agency.

The mysterious group posted a to their website, revealing some of the files they obtained and promising other, “better” files available to the highest bidder. The released files seem obtain top-secret computer code that the Equation Group has used to break into the networks of foreign governments and other espionage targets.

The code released was designed to break through network firewalls and get inside the computer systems of competitors like Russia, China and Iran. In turn, the NSA can place “implants” in the system, which allows them to lurk around unseen for years. This implant can help to monitor network traffic or even enable a debilitating computer attack.

The hack is a particularly bad one, as if the code is authentic, the Shadow Brokers have revealed that America’s top operatives have been hacked and their methods exposed.

Firewall markers Cisco and Fortinet have now confirmed the vulnerabilities included in the dump affected their products, a disclosure that lends credence to the theory that the Equation Group is indeed a NSA operation.

Cisco said in a security advisory that two vulnerabilities in the Shadow Brokers’ data could be used to breach its Adaptive Security Appliance software used in its firewalls.

“An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system,” Cisco’s statement said.

Fortinet also said that some of its products released prior to August 2012 contained a vulnerability that would allow an attacker to take execution control over a firewall.

Meanwhile, the Shadow Brokers also claim that their exploits will work on firewalls from Juniper Networks and TopSec, but neither company has publicly acknowledged the leak. The Shadow Brokers say they have additional yet-to-be-released exploits and are offering the data for sale in a Bitcoin auction. The group is asking for 1 million bitcoins (around $568 million at current rates), but the auction has yet to receive any significant bids.

  • The Z-Wave Alliance Focuses on the Residential Market The Z-Wave Alliance Focuses on the Residential Market

    Mitchell Klein serves as the executive director of the Z-Wave Alliance, an industry organization that drives numerous initiatives to expand and accelerate the global adoption of smart home and smart cities applications. In this Podcast, we talk about the 2022 State of the Ecosystem, and the fact that technology has brought about almost unimaginable residential security resources. The Alliance also provides education resources as well as looking at expanding technology.

Digital Edition

  • Security Today Magazine - May June 2022

    May / June 2022


    • The Ying and Yang of Security
    • Installing Smart Systems
    • Leveraging Surveillance
    • Using Mobile Data
    • RIP Covid-19

    View This Issue

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • Spaces4Learning
  • Campus Security & Life Safety