A new report shows how the foundation of cybersecurity within the U.S. government has been rocked, as a group known as the Shadow Brokers “deeply infiltrated” the National Security Agency, and since then, hackers have used the NSA’s own tools against other entities in a number of crippling cyberattacks. Now 15 months into an internal investigation, officials are still looking for answers.
The harrowing report comes from The New York Times, which revealed that disclosures from the Shadow Brokers group of hackers began in August 2016 — these disclosures have been described as “catastrophic.” Cyberattacking tools created by the U.S. government “have now been picked up by hackers from North Korea to Russia and shot back at the United States and its allies.”
Real World Effects
A number of cyberattacks have already occurred as a result of these leaks, with the article listing a wide range of outcomes: millions of computers shut down by ransomware, private business dealing with data wipes, and much, much more. The report claims the attacks “disrupted production at a car plant in France, an oil company in Brazil and a chocolate factory in Tasmania, among thousands of enterprises affected worldwide.”
With thousands of attacks already taking place, and a near certainty of more to follow, it’s no wonder the article claims there is “broad agreement” that the damage done by the Shadow Brokers “far exceeds” the actions of former NSA contractor Edward Snowden.
Looking For Answers
The FBI and the NSA’s counterintelligence arm, Q Group, are conducting the ongoing investigation. According to the report, officials are unsure if the NSA was victimized by “a brilliantly executed hack, with Russia as the most likely perpetrator,” if an insider leaked the information, or if there was some combination of the two which led to the disastrous situation facing the agency today.
And by all accounts, this is truly a disaster, with members of the Shadow Brokers taunting American officials as the NSA hunts for a mole within its ranks. There’s much more information within the full Times article, but there’s little doubt that this is just the start of what will surely be a massive, ongoing story.
There’s really nothing that members of the public can do about a large-scale governmental breach, as depressing and disturbing as it may be. But if nothing else, it should be a lesson to make sure your own information is as secure as possible, and to be vigilant when online.