Don't forget I told you cats about the NSA creep-tip two years ago, and gave you a concrete specific recommendation for shoring up your end-point game to protect at least a little something...,
FP | Weaver believes that when the Shadow Brokers published a broad list
of the tools in their possession in January, hoping to auction them off,
the NSA moved quickly.
The NSA “did clearly, quietly tell Microsoft,” Weaver said, allowing
the company to repair the holes before script kiddies and criminal
hackers started figuring out the specifics of the exploits.
Microsoft published a massive patch exactly a month before the Shadow Brokers unleashed its trove.
Neither Microsoft nor the NSA immediately responded to a request for comment.
Before Microsoft revealed it had patched most of the holes, the
Shadow Brokers’ release reignited the debate about when government
agencies should be required to disclose vulnerabilities it finds in such
major products as devices and browsers.
The White House’s Vulnerabilities Equities Process, which determines
whether those flaws should be shared with the company in order to be
repaired, or taken advantage of by intelligence agencies, was
reinvigorated in 2014. The process involves several major agencies,
which consider the likelihood that other nation states or criminal
actors would come across the same flaws.
It’s unclear, however, which agencies are involved in the process and how those decisions are made. The agencies are not required
to disclose vulnerabilities purchased or researched through government
sponsorship. If the NSA told Microsoft about the tools, it was because
the agency knew or suspected the vulnerabilities had been compromised.
Intelligence officials see the latest Shadow Brokers release as part
of a larger erosion of capabilities that has been going on since 2013,
when former NSA contractor Edward Snowden gave journalists internal NSA
documents. Snowden’s leak kicked off a chain of damaging exposures that,
while sparking an important worldwide debate about privacy, severely
damaged U.S. intelligence capabilities, the former intelligence official
argued.
One former TAO employee who spoke with Foreign Policy
believes the release is “a bit dated,” because hacking tools to access
more current Windows projects and other browsers weren’t included.
“It is a significant leak. … It gets harder to develop tools as
defenses improve,” the former TAO employee said. “But it’s still
entirely possible. There are many bugs to be found.”
But the intelligence community’s ability to keep those bugs secret
for any amount of time continues to be questioned. In this latest leak,
detailed NSA notes and work product were included in addition to
technical details about the hacking tools — likely indicating deep-level
access to TAO troves. “This should be on an NSA computer only,” Weaver
told Foreign Policy.
The details the Shadow Brokers revealed are “scary,” the former
cyberintelligence employee said, details that must be from internal
emails, chat logs, or insider knowledge.
Only a handful of countries could have pilfered such sensitive
material from the NSA remotely, the former TAO employee wrote, Russia
and Israel the mostly likely among them.
“If it was an inside job like an operator [typically military]
walking out with a thumb drive, then who knows,” the former TAO source
wrote.
In recent years, the intelligence community has largely failed to
detect insider threats and stem leaks from contractors. Thousands of
private companies and their employees make up a massive percentage of
the intelligence community’s workforce. As of a decade ago, about 70
percent of the intelligence community’s budget was spent on contracts,
according to the Congressional Research Service.
0 comments:
Post a Comment