Wednesday, May 24, 2017

Were NSA Hackers Just Outed by the Russians?

In 2014, the United States indicted five Chinese military hackers by name for their hacking of several U.S. companies.  Earlier this year, the U.S. indicted four Russians (including two officers in Russia's Federal Security Service) for their involvement in the Yahoo breach.

Apparently, what is good for the goose is good for the gander, as the Russian-affiliated "Shadow Brokers" group appears to have outed the names of several NSA employees--the first necessary step in a reciprocal Russian indictment:
But something went largely unnoticed outside the intelligence community. Buried in the files’ “metadata”—a hidden area that typically lists a file’s creators and editors—were four names. It isn’t clear whether the names were published intentionally or whether the files were doctored. At least one person named in the metadata worked for the NSA, a person familiar with the matter said.

Additionally, the hacking group in April sent several public tweets that seemingly threatened to expose the activities of a fifth person, former NSA employee Jake Williams, who had written a blog post speculating the group has ties to Russia.

For people who work in the intelligence community, having their identities or the work they have done outed is a significant concern, said Robert M. Lee, chief executive of cybersecurity firm Dragos Inc. and a former member of the intelligence community.

Because nation-state hackers might run afoul of other countries’ laws while discharging their duties, they could, if identified, face charges when outside their country. So, to keep their own people safe, governments for decades have abided by a “gentleman’s agreement” that allows government-backed hackers to operate in anonymity, former intelligence officials say.
The Shadow Brokers “made this personal,” Mr. Lee said. He believes the group left names in the metadata either because the group doesn’t care about redacting sensitive information, or because they wanted the names public.
Read it all here.
