Edward Snowden, known for the NSA leaks, took to Twitter today to discuss the details of yesterday's hack of the 'Equation Group.' The Equation Group, allegedly an NSA branch, saw its defenses breached by a group calling itself 'The Shadow Brokers.' The data has begun to find its way online, and more is expected soon.
The collection of leaked data is reported to be from a cache of hacking tools, known as binaries.
According to Snowden, the tools were stored on an NSA test server as part of ongoing work to target and detect rival malware servers. This practice is also known as Counter Computer Network Exploitation, or CCNE - a process that allows NSA hackers to steal tools used by foreign hackers (or domestic competitors) in order to detect their digital fingerprints.
From these fingerprints, it is possible to determine whether the tools were used in other attacks, and also the exact location of the hacker.
After each hack, NSA hackers have instructions to delete the executables from the server. However, according to Snowden, people are sometimes lazy. Stolen tools and fingerprints left behind on the server can then lead opponents to identify the hackers and connect them directly with the NSA.
Snowden believes the hack may be of Russian origin and that it is a warning that "one can prove that the US is behind any attacks coming from this server."
9) This leak is likely to be a warning that someone can prove US responsibility for any attacks that originated from this malware server.
- Edward Snowden (@Snowden) August 16
Simply put, these leaked tools themselves may have been used to hack rival governments such as Russia, North Korea, Iran or China. In the worst case scenario, they could have been used to hack allied systems. If that turns out to be the case, it could have devastating consequences for US foreign policy.
Snowden warns that this situation could "get dirty" very quickly.