Edward Snowden, known from the NSA leaks, came out today on Twitter to discuss its details of yesterday's service hack by the 'Equation Group.' The Equation Group which is said to be an offshoot of the NSA has seen its defenses dismantled by a group calling themselves 'The Shadow Brokers.' The data has started to find its way online and we should have news soon.
The collection of data The leaked files are said to be from a cache of hacking tools, known as binaries.
According to Snowden, the tools ήταν αποθηκευμένα σε ένα διακομιστή δοκιμών της NSA σαν μέρος των συνεχιζόμενων εργασιών για τη στόχευση και την ανίχνευση αντίπαλων malware servers. Η πρακτική αυτή είναι γνωστή και ως Counter Desktop Network Exploitation, or CCNE – a process that allows NSA hackers to steal tools used by foreign (or domestic competitor) hackers in order to discover their digital traces (fingerprints).
From fingerprints, it can be detected if the tools were used in other attacks but also the exact location of the hacker.
After each hack, NSA hackers have instructions to delete the executables from the server. However, according to Snowden, there are sometimes lazy people. So stolen tools and fingerprints in their memory can guide opponents to identify hackers and connect them directly with the NSA.
Snowden believes the hack may be of Russian origin and is a warning that "one can prove that the US is behind any attacks coming from this server."
9) This leak is likely to be a warning that someone can prove US responsibility for any attacks that originated from this malware server.
- Edward Snowden (@Snowden) August 16
Simply put, these leaked tools themselves may have been used for hacking in rival governments such as Russia, North Korea, Iran or China. In the worst case scenario, they could have been used for hacking in allied systems. If it turns out, it could have devastating consequences for US foreign policy.
Snowden warns that this situation could "get dirty" very quickly.