Wed, 14 Nov 2018

Double trouble for NSA: Fighting foreign hackers and moles

By Sheetal Sukhija, US News
14 Nov 2017, 04:23 GMT+10

WASHINGTON, U.S. - Crippled by a series of catastrophic breaches and leaks, America’s National Security Agency has for over a year now been investigating the problem to determine whether its troubles are being magnified by foreign hackers or a mole within the agency.

In a report, The New York Times has stated that at the center of the double trouble gripping the country’s largest and most secretive intelligence agency is a mysterious group called the Shadow Brokers.

The NSA, which compiles massive troves of data on U.S. citizens and organizes cyber offensives against America’s enemies, has been deeply breached by the group.

The group has been taunting the agency with periodic leaks of secret code online, which the agency’s employees believe are much more damaging to national security than the information leaked by former NSA contractor Edward Snowden. 

The Shadow Brokers reportedly post cryptic, mocking messages pointed towards the NSA as they sell the cyber weapons, created at a huge cost to U.S. taxpayers, to any and all buyers, including America’s enemies like North Korea and Russia.

Jake Williams, a cybersecurity expert who formerly worked in the NSA's hacking group and is the founder of Rendition Infosec, said, "We're obviously dealing with people who have operational security knowledge. They have the whole law enforcement system and intelligence system after them. And they haven’t been caught."

He added, “It's a disaster on multiple levels. It's embarrassing that the people responsible for this have not been brought to justice."

So far, over the last 12 months, a wave of cybercrime has been linked to the release of the NSA's leaked cyber weapons. 

According to some of the employees, who spoke anonymously, some of the stolen code has been used in global malware attacks by virus-encryptors WannaCry and Petya, which crippled hospitals and government institutions across the world and affected over 100 countries earlier this year.

Further, the report describes current and former employees as saying that there is a mole hunt ongoing inside the agency.

They revealed that some employees have been asked to hand over their passports and undergo questioning. 

However, despite the 15-month-long probe, investigators are yet to ascertain who the culprits are.

They are trying to determine whether an insider stole an entire thumb drive of sensitive code, or if it was a group of Russian hackers who managed to breach NSA defenses. 

A former employee was cited as saying, “How much longer are the releases going to come? The agency doesn’t know how to stop it—or even what ‘it’ is.”

Leon E. Panetta, the former defense secretary and director of the Central Intelligence Agency, was quoted as saying in the exposé, "These leaks have been incredibly damaging to our intelligence and cyber capabilities. The fundamental purpose of intelligence is to be able to effectively penetrate our adversaries in order to gather vital intelligence. By its very nature, that only works if secrecy is maintained and our codes are protected."

An NSA source said that the attack is partially the NSA's own fault. 

According to the source, the NSA has long prioritized cyber offense over securing its own systems. 

Panetta pointed out that, as a result of this, the U.S. now essentially has to start over on cyber initiatives, as it is totally exposed.

More importantly, officials pointed out that the serial leak of the agency’s cyberweapons has damaged morale, slowed intelligence operations and resulted in hacking attacks on businesses and civilians worldwide.

In the melee, many employees are reportedly choosing to leave the agency for better-paid jobs.

Since 2015, three people have been arrested for taking classified files, but it is not clear whether they were involved in the incident.
