Tuesday, November 14, 2017

The deepest of the deep state agencies is deeply vulnerable

The story of the Shadow Brokers hacking the NSA.


Bottom line from Charlie Pierce:
In brief, these people hacked our hackers, and the problem seems to have been that the NSA was so bent on offensive cyber operations that it neglected to defend its own people and property. So, when the NSA hackers themselves got hacked, apparently by people who simply are better at it than the NSA’s people are, the door to the vault where the family jewels are kept was wide open. Money well-spent again. Now, the agency is convulsed in a hunt for moles and trolls in its own ranks, an exercise that, in the hothouse environment of an intelligence agency, almost is guaranteed to spread suspicion and demolish morale, if history is any guide.

And because, last November, we chose to elect a vulgar talking yam to be president*, even this episode carries with it the distinct sound of a carnival calliope summoning the suckers to the midway.

 Charles P Pierce
P.S.  Shadow Brokers appear to be a group pissed off that Trump didn't do all the things he said he would to restore white supremacy to the States.

P.P.S.  Could this be the work of the "second leaker" referenced in Laura Poitras' documentary about Edward Snowden?
Current and former agency officials say the Shadow Brokers disclosures, which began in August 2016, have been catastrophic for the N.S.A., calling into question its ability to protect potent cyberweapons and its very value to national security. The agency regarded as the world’s leader in breaking into adversaries’ computer networks failed to protect its own.

[...]

Created at huge expense to American taxpayers, those cyberweapons have now been picked up by hackers from North Korea to Russia and shot back at the United States and its allies.

[...]

Tens of thousands of employees at Mondelez International, the maker of Oreo cookies, had their data completely wiped. FedEx reported that an attack on a European subsidiary had halted deliveries and cost $300 million. Hospitals in Pennsylvania, Britain and Indonesia had to turn away patients. The attacks disrupted production at a car plant in France, an oil company in Brazil and a chocolate factory in Tasmania, among thousands of enterprises affected worldwide.

American officials had to explain to close allies — and to business leaders in the United States — how cyberweapons developed at Fort Meade in Maryland came to be used against them. Experts believe more attacks using the stolen N.S.A. tools are all but certain.

[...]

Three employees have been arrested since 2015 for taking classified files, but there is fear that one or more leakers may still be in place. And there is broad agreement that the damage from the Shadow Brokers already far exceeds the harm to American intelligence done by Edward J. Snowden, the former N.S.A. contractor who fled with four laptops of classified material in 2013.

[...]

Much of the agency’s arsenal is still being replaced, curtailing operations. Morale has plunged, and experienced specialists are leaving the agency for better-paying jobs — including with firms defending computer networks from intrusions that use the N.S.A.’s leaked tools.

“It’s a disaster on multiple levels,” Mr. Williams said. “It’s embarrassing that the people responsible for this have not been brought to justice.”

  NYT
They've been pretty quiet about it. Or maybe most journalists are just focused on the Trump administration debacle.
Some veteran intelligence officials believe a lopsided focus on offensive weapons and hacking tools has, for years, left American cyberdefense dangerously porous.

“We have had a train wreck coming,” said Mike McConnell, the former N.S.A. director and national intelligence director. “We should have ratcheted up the defense parts significantly.”


...but hey, do what you want...you will anyway.

No comments: