CAI Managed IT blog
Exploits From the NSA are Now on the Black Market
If you panic in the event of a hacking attack, imagine how the National Security Agency (NSA) feels knowing that some of its exploits are for sale on the black market. While there isn’t any proof that the NSA has been breached, there’s evidence to suspect that their exploits are available for purchase on the black market. This means that a willing hacker could get their hands on government-grade hacking tools--a dangerous concept.
Granted, there’s no proof that the tools are legitimate exploits used by the NSA, and they certainly won’t admit to being hacked. Yet, some security professionals hint that the hackers might actually be telling the truth this time. Researchers have found sample files provided by the hackers to contain some legitimate exploits that could realistically be used to launch hacking campaigns. In fact, some of the stolen exploits take advantage of widely-used security services and firewall solutions, which could be used to infiltrate countless infrastructures around the world.
The hackers responsible for this crime claim to have stolen the exploits from the Equation Group, which is a cyber espionage organization that supposedly has ties to the NSA. The Equation Group is most notorious, perhaps, for their probable role in the development of the Stuxnet computer worm and other advanced malware. The group of hackers who stole the NSA’s exploits--aptly titled the Shadow Brokers--desire to auction the exploits to the highest bidder on the black market.
More specifically, the exploits for sale target the firewall technology of some big names in the cyber security industry, such as Cisco, Juniper, Fortinet, and Topsec (a Chinese brand). Despite suspicions, many security professionals are labeling the code as legitimate, and one has even managed to confirm that one of the exploits uses an IP address that’s registered to the United States Department of Defense. However, rather than the exploits being stolen directly from the NSA, it’s thought that they were discovered on another system that the NSA was in the process of monitoring and that the hackers stole the code in order to turn a profit off of it.
These hackers are currently selling the exploits on the black market in exchange for Bitcoin, but even if they were to receive a value proposition, who can say if it’s likely that they’ll actually hand over such valuable information? There are some researchers who believe that it’s nothing more than an elaborate scam, primarily due to the fact that the NSA hasn’t confirmed any affiliation with the Equation Group or the exploits. Perhaps the Shadow Brokers aren’t telling the truth, but either way, we can expect some dire consequences of such powerful exploits being leaked to the world.
The Shadow Brokers have claimed that they will publicly expose the exploits if they can acquire one million Bitcoins, which presents an interesting (and terrifying) gambit; what would happen if these exploits were to be made public? Hackers around the world would be able to exploit government-grade malware for espionage and network infiltration. It’s a nightmare just waiting to happen.
What are your thoughts on this development? Let us know in the comments.