The hack of an NSA malware staging server is not unprecedented, but the publication of the take is. Here's what you need to know: (1/x)
-
-
3) This is how we steal their rivals' hacking tools and reverse-engineer them to create "fingerprints" to help us detect them in the future.
-
4) Here's where it gets interesting: the NSA is not made of magic. Our rivals do the same thing to us -- and occasionally succeed.
-
5) Knowing this, NSA's hackers (TAO) are told not to leave their hack tools ("binaries") on the server after an op. But people get lazy.
-
6) What's new? NSA malware staging servers getting hacked by a rival is not new. A rival publicly demonstrating they have done so is.
-
7) Why did they do it? No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack.
-
8) Circumstantial evidence and conventional wisdom indicate Russian responsibility. Here's why that is significant:
-
9) This leak is likely a warning that someone can prove US responsibility for any attacks that originated from this malware server.
-
10) That could have significant foreign policy consequences. Particularly if any of those operations targeted US allies.
-
11) Particularly if any of those operations targeted elections.
-
12) Accordingly, this may be an effort to influence the calculus of decision-makers wondering how sharply to respond to the DNC hacks.
-
13) TL;DR: This leak looks like somebody sending a message that an escalation in the attribution game could get messy fast.
-
Bonus: When I came forward, NSA would have migrated offensive operations to new servers as a precaution - it's cheap and easy. So? So...
-
The undetected hacker squatting on this NSA server lost access in June 2013. Rare public data point on the positive results of the leak.
-
You're welcome, @NSAGov. Lots of love.
-
What info do you know about Aliens and UFOs expose them?
-
Dear Mr. Snowden, as a software developer, if I use strong encryption (arbitrarily strong), are my communications safe? HTTPS?
-
It's not enough to use HTTPS, you need strong configuration. Research: certificate pinning, HSTS Preload, and check out SSLLabs
-
-
you are my hero