New context from US National Security Agency whistleblower Edward Snowden makes the case that files dumped online over the weekend probably came from the NSA.
Hacking group “The Shadow Brokers” made headlines yesterday when it leaked files that supposedly belonged to “Equation Group”, which is widely speculated to be an NSA hacking offshoot. When researchers from Kaspersky analysed Equation Group, they found codenames that also appear in documents leaked by Snowden. The Shadow Brokers released only some of the files, which computer security experts have deemed legitimate, and is asking for millions of dollars in bitcoins to release the rest. The files supposedly contain the frameworks for multiple NSA hacking tools.
According to Snowden, some NSA spies may have gotten lazy, and left their hacking tools on the malware staging server.
The hack of an NSA malware staging server is not unprecedented, but the publication of the take is. Here’s what you need to know: (1/x)
— Edward Snowden (@Snowden) August 16, 2016
5) Knowing this, NSA’s hackers (TAO) are told not to leave their hack tools (“binaries”) on the server after an op. But people get lazy.
— Edward Snowden (@Snowden) August 16, 2016
Snowden also theorises that this hack might make it possible for foreign countries to definitively attribute hacks conducted against them to the United States.
9) This leak is likely a warning that someone can prove US responsibility for any attacks that originated from this malware server.
— Edward Snowden (@Snowden) August 16, 2016
This hack is still playing out, and there is much more to come. But this insider knowledge from Snowden just made it much, much more interesting.
You’re welcome, @NSAGov. Lots of love.
— Edward Snowden (@Snowden) August 16, 2016