NSA Knew of Flaw Three Years in Advance That Led To Cyber Attack

A little over a month after a group of hackers known as the Shadow Brokers publicly exposed tools used by National Security Agency (NSA) cyberspies, Reuters has reported an investigation led by the Federal Bureau of Investigation (FBI) shows that for at least three years, the NSA knew about the “mistake” that made this exposure possible.

The investigation is focusing “on a theory that one of its operatives carelessly left them available on a remote computer and Russian hackers found them,” Reuters explains. Despite the anonymous sources’ comments, Reuters adds, “investigators have not determined conclusively that the Shadow Brokers group is affiliated with the Russian government.”

The tools exposed publicly were used by NSA-backed hackers to exploit flaws in software developed by popular vendors such as Fortinet Inc. and Cisco Systems. Cisco is the largest networking company in the world and is often hailed as the “single most powerful company in enterprise networking” by experts.

Reuters reports the NSA found out “an employee or contractor made the mistake about three years ago during an operation that used the tools,” but officials chose to forego acknowledging the mistake to the companies whose software had been compromised. Instead, they preferred to “[tune] its sensors to detect use of any of the tools by other parties, especially foreign adversaries with strong cyber espionage operations, such as China and Russia.”

NSA officials claim this approach could help “identify rival powers’ hacking targets, potentially leading them to be defended better. It might also have allowed U.S officials to see deeper into rival hacking operations while enabling the NSA itself to continue using the tools for its own operations.”

But as the NSA remained in the dark as to whether or not anybody had enjoyed access to these tools after the “mistake” — since the agency’s sensors “did not detect foreign spies or criminals using the tools on U.S. or allied targets” — U.S. manufacturers affected by this security mistake weren’t warned about the potential ramifications.

According to Reuters, the theory that a former NSA employee (or employees) may have left the tools exposed on purpose hasn’t been ruled out. Nevertheless, the FBI is now focusing on the theory that a mistake was to blame and that NSA officials who were aware of the problem may have taken too long to act.

Tech Dirt criticized the NSA for its negligence, claiming that allowing these tools to be left lying around as bait “affects a great deal of Cisco’s networking equipment.” Despite the agency’s previous comments claiming the agency “passed on information about vulnerabilities to affected companies ‘90% of the time’, … [a] number of … products offered by US tech companies” were also compromised for years.

Tech Dirt added that the NSA has a long history of refusing to admit deploying its exploits in such an irresponsible manner has inherent dangers. Like any other agency, Tech Dirt continued, the NSA makes mistakes; the difference between the NSA and others is that “when the NSA screws up, it exposes its willingness to harm American tech companies to further its own intelligence needs.”

How to Disappear Off the Grid Completely (Ad)

Yet tech companies are asked to blindly trust the government and are criticized for refusing to build back doors into their software to satisfy the U.S. government’s desires for access to technology used by millions of innocent Americans and foreigners.

When faced with reports like this one, millions of Americans understand that government’s incompetence should be taken into consideration by companies that make a living providing consumers with online privacy and security. So why do politicians continue to demand that boundless access to innocent Americans’ communications without the benefit of due process equals security?

This article (NSA Knew of Flaw that Led to Cyber Attack Three Years in Advance) is free and open source. You have permission to republish this article under a Creative Commons license with attribution to Alice Salles and theAntiMedia.org. Anti-Media Radio airs weeknights at 11 pm Eastern/8 pm Pacific. If you spot a typo, please email the error and name of the article to edits@theantimedia.org.