Page Nav

HIDE

Grid

GRID_STYLE

Trending News

latest

Leaked NSA Hacking Tools Used To Hack Windows PCs

NSA-created cyber hacking tools spawn global attacks.  Leaked alleged NSA hacking tools appear to be behind a massive cyber attack disruptin...

NSA-created cyber hacking tools spawn global attacks. 
Leaked alleged NSA hacking tools appear to be behind a massive cyber attack disrupting hospitals and companies across Europe, Asia and the U.S., with Russia among the hardest-hit countries. The unique malware causing the attacks — which have been spotted in tens of thousands of incidents in 99 countries, according to the cyber firm Avast — has forced some hospitals to stop admitting new patients with serious medical conditions and driven other companies to shut down their networks, leaving valuable files unavailable.

A group that published hacking tools that security experts believe were stolen from the U.S. National Security Agency said on Tuesday it plans to sell a new batch of stolen code in July to customers willing to pay more than $22,000 for it. The Shadow Brokers group said in an announcement on the internet that it has not yet determined what files will be in the collection.

It has previously said it has access to tools for hacking into web mobile handsets and Microsoft Corp's Windows 10 operating system, web browsers and network routers. It is not clear whether the group actually possesses those tools, or would make good on its promise to release them. Security researchers have urged taking the threat seriously after the Shadow Brokers released a group of NSA hacking tools in April, including one that was used to launch this month's massive "WannaCry" cyber attack. 

The source of the worldwide digital assault seems to be a version of an apparent NSA-created hacking tool that was dumped online in April by a group calling itself the Shadow Brokers. The tool, a type of ransomware, locks up a company’s networks and holds files and data hostage until a fee is paid. Researchers said the malware is exploiting a Microsoft software flaw. The incident is just the latest in a string of eye-opening cyberattacks that have drawn attention to the ease of disrupting — on a global scale.

WannaCry ransomware
The Shadow Brokers burst onto the scene at the height of last year’s contentious presidential election. The group’s dump of seemingly legitimate NSA spying tools set off alarm bells inside the intelligence community that the NSA may have been the victim of a disturbing hack or another devastating leak of classified information. Just three years earlier, ex-NSA contractor Edward Snowden had exposed many of the secretive agency’s surveillance programs. 

Some even speculated that the Shadow Brokers group was a Russian front, and that the dump might be a warning to the Obama administration, which was contemplating at the time whether to publicly blame Moscow for the hacks that felled the Democratic Party and Hillary Clinton’s campaign during the 2016 election season. So far there has been no public evidence linking the Shadow Brokers to Moscow.

Authorities were also investigating whether the group had somehow obtained its secret cache from another NSA contractor, Hal Martin, who was arrested in August for pilfering classified materials from the government for years, allegedly compiling mountains of sensitive information at his home.

Digital privacy advocates were quick to blame the NSA for the incident, which will likely restart the debate about what the spy agency should do when it discovers “zero-day” software defects. Experts stressed the severity of the crippling ransomware attacks and warned that it likely would continue to expand throughout the U.S. Kevin Bankston, director of New America’s Open Technology Institute, argued that Congress should hold hearings on spy agencies’ use of code flaws and when they should be required to notify manufacturers.

Several cyber threat information sharing centers for a number of U.S. Industries — financial services, water, oil and natural gas — did not respond to questions about whether any of their members had reported intrusions. An energy industry group said it had seen no reports of infection in North America.

WannaCry crippled some 300,000 computers worldwide, causing disruptions at hospitals, post offices, auto plants and government offices. "This is potentially disastrous," said Matt Suiche, founder of cyber security firm Comae Technologies, who closely follows the Shadow Brokers. It is not clear who is behind the Shadow Brokers, though some security experts have said they believe the group is tied to the Russian government and working to embarrass the United States. 

NSA officials could not be reached for comment on Tuesday. The agency has declined to say if it built the hacking tools released by Shadow Brokers, or discuss the group's activities. A Microsoft representative said she had no immediate comment. The company said on May 16 that it was aware of Shadow Broker's claims that it had tools for hacking Windows 10, adding that its staff were actively monitoring emerging cyber threats.