A hacking collective known as the Shadow Brokers is auctioning stolen surveillance tools used by a US government-sponsored information security group.
The Shadow Brokers call these utilities "weapons". They were taken from an NSA-linked group that cyber security firm Kaspersky refers to as the "Equation Group." The Equation Group is a known threat actor, that is, an organisation or entity whose activities can compromise the information security of an organisation. Here are some of the leaked tools that the Shadow Brokers have put up for auction.
Kaspersky's Global Research and Analysis Team (GReAT) refers to the Equation Group as the "Death Star of the Malware Galaxy." Kaspersky also calls the Equation Group "Omnipotent". The Equation Group is one of the most technologically sophisticated groups in the world, with the creators of complex malware such as Stuxnet and Flame working for it.
The Equation Group has been known to use zero-day exploits in its attacks. A zero-day exploit takes advantage of a security vulnerability that is unknown to the organisation that created the affected hardware or software. For example, some of the zero-day exploits that have supposedly leaked from the Equation Group to the Shadow Brokers target Cisco products.
The Equation Group had been hoarding a number of these zero-day exploits to use in its operations, and when they leak, it creates a major problem for information security. This raises serious questions about the acceptability of such practices by major security agencies associated with governments. In this case, according to Wired, it is inevitable that there will be an investigation into the NSA over the leaks.
The Shadow Brokers getting their hands on what increasingly look like actual tools used by one of the most advanced government-sponsored threat actors shows that no one is immune to leaks. Hoarding such tools, or keeping zero-day exploits secret, will eventually become a major problem for individuals and organisations. It is only a matter of time before the secrets get leaked. The information will eventually get into the wild, so it is safer to inform the affected companies of the zero-day exploits.
Microsoft just unintentionally demonstrated why backdoors are a bad idea when it accidentally released configuration files that made Microsoft technologies vulnerable to some kinds of attacks.
Published Date: Aug 18, 2016 03:56 pm | Updated Date: Aug 18, 2016 03:56 pm