The N.S.A. Got Pwned

By Andrew Witzel

The malware outbreak that started last Friday, dubbed WannaCry, appears to be just the start of some major blowback directed at the National Security Agency (NSA), perpetrated by a hacking group calling itself Shadow Brokers. The group announced last August that it was auctioning off highly classified hacking tools used by none other than our very own NSA, setting off a panic that has dominated the agency since.

Dozens of the NSA’s software exploits were dumped onto the Internet, for free, available to any criminal or foreign spy. The writing was on the wall at that point, and it was only a matter of time before one of the leaked exploits was used against the country that created them and her allies. The WannaCry malware, affecting computer systems in 150 countries, shut down hospitals, disrupted rail traffic and created a general sense of frustration among IT administrators around the world.

For half a century, the NSA pried into other people’s secrets; now they are suddenly sitting ducks whose own secrets are stolen and used around the world.

Multiple events have recently put a spotlight on the NSA’s ability to keep the secrets it protects from leaking to the outside world. In an age of technology and cyber espionage, the NSA is critically unprepared for the coming storm of criticism from the United States government and foreign allies. Edward Snowden gave journalists hundreds of thousands of NSA documents in 2013 that were promptly verified and leaked on WikiLeaks. Harold Martin III was charged with walking out of the NSA with a massive 50 terabytes of confidential data in 2016.

The debut of the Shadow Brokers occurred just before Harold was formally charged by the NSA for stealing this data. There is also dissension among former members of the NSA: Michael Hayden, Director of the NSA from 1999 to 2005, has said, “I cannot defend an agency having powerful tools if it cannot protect the tools and keep them in its own hands.” The loss of the malware, and the damage it has caused, is a serious threat to the future of the agency as a whole.

As if this isn’t already bad enough, the hacking group has announced, in a mocking tone of fake broken English, that they are launching a monthly subscription model: “Is being like the wine of month club. Each month peoples can be paying a membership fee, then getting members only data dump each month. What members doing with data after is up to members.”

The post’s title, “OH LORDY! Comey Wanna Cry Edition,” is part of the reason that the WannaCry malware got its nickname. Experts have said the dump of NSA tools by the group had workable exploits that can and do spread rapidly, infecting hundreds of thousands of computer systems around the world. There is most certainly more NSA malware that has not been released yet, a fact that has many researchers and experts saying that this is just the beginning of the world’s problems.

In a final blow to the NSA, specialists have detected evidence that North Korea may have carried out the start of the attack. An adversary took leaked malware exploits and used them, for their own benefit, to attack the very authors of the malware. The episode with Shadow Brokers spells disaster for the NSA and has put a spotlight on the stakes of leaks from an agency that has amassed a literal arsenal of stealthy software tools that, until recently, were only used to break into foreign computer networks and gather intelligence.

Shadow Brokers has single-handedly exposed the NSA and shown the world just how far they are willing to go in the so-called protection of “national security” in the United States. Since the middle of April, the exploits DoublePulsar and EternalBlue have gone into the wild; WannaCry is built on the EternalBlue exploit. Cyber specialists have already found another NSA tool that has been weaponized and offered for sale, and hackers are discussing how to use another dozen agency exploits effectively.

In a bitter twist, the chief executive of BinaryEdge had a kind of compliment about the agency, now under siege:

“These tools were beautifully made. Hard to detect and easy to use. They were pretty much point and shoot. Even under the circumstances, you have to appreciate good engineering.”

Not much of a consolation for those recently infected with WannaCry. The NSA has a rough road ahead.
