Was an NSA server hacked? Edward Snowden thinks so

US News August 16, 2016
On Monday, a group called Shadow Brokers claimed to have hacked the NSA, and said they would auction off NSA "cyber weapons" they discovered in the hack. News of the leak prompted Edward Snowden, who famously copied and released classified NSA documents, to give his theory on the latest hacking scandal.
Photo via @NBCNews
· 15 Aug 2016

Hackers have allegedly stolen NSA-linked ‘cyber weapons’ and are auctioning them off

Hackers Have Allegedly Stolen NSA-Linked ‘Cyber Weapons’ an...
The United States government can’t seem to catch a break in cyberspace. Hackers claim to have stolen attack code from a team of sophisticated cyber spies known as “the Equation Group,&#...
fortune.com
4 replies 163 retweets 98 likes
· 15 Aug 2016

186Mb archive of apparent NSA malware released: password=theequationgroup More info:

theshadowbrokers/EQGRP-AUCTION
Contribute to EQGRP-AUCTION development by creating an account on GitHub.
github.com
73 replies 1,465 retweets 1,353 likes
· 15 Aug 2016

Github has entirely censored the release of data showing proof of NSA malware targetting Cisco & others.

132 replies 3,705 retweets 3,488 likes
· 15 Aug 2016

We had already obtained the archive of NSA cyber weapons released earlier today and will release our own pristine copy in due course.

130 replies 2,899 retweets 3,918 likes
· 16 Aug 2016

The hack of an NSA malware staging server is not unprecedented, but the publication of the take is. Here's what you need to know: (1/x)

98 replies 3,309 retweets 4,034 likes
· 16 Aug 2016

1) NSA traces and targets malware C2 servers in a practice called Counter Computer Network Exploitation, or CCNE. So do our rivals.

20 replies 1,316 retweets 1,536 likes
· 16 Aug 2016

2) NSA is often lurking undetected for years on the C2 and ORBs (proxy hops) of state hackers. This is how we follow their operations.

17 replies 1,272 retweets 1,454 likes
· 16 Aug 2016

3) This is how we steal their rivals' hacking tools and reverse-engineer them to create "fingerprints" to help us detect them in the future.

10 replies 1,240 retweets 1,452 likes
· 16 Aug 2016

4) Here's where it gets interesting: the NSA is not made of magic. Our rivals do the same thing to us -- and occasionally succeed.

22 replies 1,251 retweets 1,581 likes
· 16 Aug 2016

5) Knowing this, NSA's hackers (TAO) are told not to leave their hack tools ("binaries") on the server after an op. But people get lazy.

29 replies 1,170 retweets 1,479 likes
· 16 Aug 2016

6) What's new? NSA malware staging servers getting hacked by a rival is not new. A rival publicly demonstrating they have done so is.

22 replies 1,457 retweets 1,613 likes
· 16 Aug 2016

7) Why did they do it? No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack.

19 replies 1,196 retweets 1,460 likes
· 16 Aug 2016

8) Circumstantial evidence and conventional wisdom indicates Russian responsibility. Here's why that is significant:

33 replies 1,143 retweets 1,336 likes
· 16 Aug 2016

9) This leak is likely a warning that someone can prove US responsibility for any attacks that originated from this malware server.

27 replies 1,734 retweets 1,923 likes
· 16 Aug 2016

10) That could have significant foreign policy consequences. Particularly if any of those operations targeted US allies.

19 replies 1,295 retweets 1,539 likes
· 16 Aug 2016

11) Particularly if any of those operations targeted elections.

31 replies 1,242 retweets 1,619 likes
· 16 Aug 2016

12) Accordingly, this may be an effort to influence the calculus of decision-makers wondering how sharply to respond to the DNC hacks.

27 replies 1,125 retweets 1,421 likes
· 16 Aug 2016

13) TL;DR: This leak looks like a somebody sending a message that an escalation in the attribution game could get messy fast.

66 replies 1,865 retweets 2,288 likes
· 16 Aug 2016

Bonus: When I came forward, NSA would have migrated offensive operations to new servers as a precaution - it's cheap and easy. So? So...

27 replies 982 retweets 1,415 likes
· 16 Aug 2016

The undetected hacker squatting on this NSA server lost access in June 2013. Rare public data point on the positive results of the leak.

40 replies 1,255 retweets 2,026 likes
· 16 Aug 2016

You're welcome, . Lots of love.

203 replies 2,474 retweets 6,390 likes
· 16 Aug 2016

Given the leak, we know NSA has had huge permissions & USB drive management issues - so the insider theory should not be dismissed

2 replies 28 retweets 58 likes

More Moments
Report: Trump handled North Korea crisis in front of Mar-a-Lago guests
Politics 34 minutes ago
According to several reports, the president conducted a national security meeting in front of guests and diners (including Japanese Prime Minister Shinzō Abe) during a dinner at Mar-a-Lago over the weekend.
209 Likes
A crowd collectively mooned Trump Tower in Chicago 🍑
Weird 1 hour ago
On Sunday, a group gathered to show support for #RumpsAgainstTrump, a campaign that is aiming to get the President to release his tax returns.
399 Likes
A look at a largely African-American city that Trump nearly won
Politics 4 hours ago
In a thread of Tweets, Guardian reporter @Chris_arnade zoomed in on the community of Youngstown, Ohio, to examine what may have caused this community to swing heavily towards Donald Trump in the election.
275 Likes
Jerry Sandusky's 41-year-old son arrested on sex charges
US News 3 hours ago
The son of the imprisoned former Penn State assistant coach, Jeffrey, has been charged with 14 counts of child sex abuse. His adoptive father is serving for the sexual abuse of several boys.
47 Likes

The following Moment may contain sensitive content.

Previous
Next