Earlier this Monday, August 15, a group of hackers posted a message on several sites claiming that they have hacked an unofficial NSA division known as “The Equation Group,” compromising several sensitive files, scripts, and cyber weapons.
The hacking group behind the breach call themselves “The Shadow Brokers.” Like most illegitimate cybercriminal bands, their physical location is unknown, and details about the origin of the hack are also currently not confirmed.
The group first posted its message on the online repository Github, on August 13, followed by posts on Pastebin and the popular blogging platform Tumblr. Most of these messages are no longer there, but it’s unclear if the government deleted them or the page’s admins.
The groups took its name from ‘Mass Effect 2’ character, the Shadow Broker was the best information broker of the galaxy within the game
The text is written in “broken” English, which has led some people to speculate about the nationality of the hacker group, narrowing it down to the usual suspects: Eastern Europe and Asia.
Further speculation leads to Russia, as the European giant was supposedly behind the DNC leaks back in June. According to experts, if the hack is real, then, the reach and skill of the group responsible must be near government-level. The files disclosed in the leak are still making waves in the news and the election process in the United States.
At the receiving end of the hack is the alleged National Security Agency (NSA) hacking arm, “The Equation Group.” This organ was first discovered by the security specialists at Kaspersky back in 2015, referring to it as a body which had been operating under the radar for nearly twenty years.
As cyber-security actors, neither the NSA nor “The Equation Group” have confirmed affiliation to each other. If the link exists, though, this would translate into the NSA being behind the development and deployment of malware designed to breach companies like Topsec, Juniper, Cisco, and Fortigate.
“The Shadow Brokers” have released some sample files that demonstrate their reported legitimacy, and the data match some of the original tools that reportedly make up the cyberweapon arsenal at the hands of the NSA. Experts were able to trace the “authenticity” of the files back to the NSA thanks to Edward Snowden’s massive leak back in 2013.
— CNNMoney (@CNNMoney) August 16, 2016
The secrets of the NSA are on sale
Following the dump of a reported 40% of the total “Equation Group” findings, the hackers will “auction the best files” to the highest bidders. How much are “The Shadow Brokers” asking for to release the rest of the information? 1 million bitcoins, which in USD amounts to more than $500 million.
Any further details about the cyber-attack remain to be confirmed or disclosed by the agency, although it is highly unlikely that the government office addresses the situation head on.
However, many experts have voiced their views and concerns as the breach seems legitimate. If the hack is not a hoax, it could pose a serious threat to cyber security around the world.