Ex-NSA insiders: There's 'a lot of panic' over what's been exposed by this massive hack

Before you go, we thought you'd like these...

Possibly stolen NSA spy tools may be auctioned off to any bidder soon

A group calling itself the "Shadow Brokers" claims that it hacked into the National Security Agency and stole an apparent treasure trove of exploits and hacking tools that it now wants to auction off, which some ex-NSA insiders say is extremely bizarre and very serious.

"It's a big deal," Dave Aitel, an ex-NSA research scientist and CEO of penetration testing firm Immunity Inc., told Business Insider. "We'd be panicking."

Yet he added: "But then it is rather old stuff. So the question is, is it so old that it's essentially irrelevant but looks very relevant? Or is some of this stuff still in use every day? I don't know."

SEE ALSO: An expert says we won't have to wait until October for an election-changing surprise

Earlier this week, Shadow Brokers announced that it was selling a number of cyber weapons claiming to be stolen from The Equation Group. That is a hacking unit that was uncovered last year by Kaspersky Labs that many believe are within the NSA. In its data dump of proof, the brokers offered files dating back to 2013 to allegedly exploit FortiGate and Cisco firewalls, among others.

Aitel doesn't think that the NSA was actually hacked, though he does think that the files look legitimate. Instead, he told us, the much more likely scenario is that an insider walked out of a secure area with this data on a USB key, which could have been sold or stolen.

"No one puts their exploits on a [command-and-control] server," Aitel said. "That's not a thing."

RELATED: See recent anti-NSA protests

19 PHOTOS
Protests of NSA data spying - National Security Administration
See Gallery
Protests of NSA data spying - National Security Administration
Demonstrators rally near the U.S. Capitol in Washington to demand that Congress investigate the National Security Agency's mass surveillance programs Saturday, Oct. 26, 2013. ( AP Photo/Jose Luis Magana)
Demonstrators march through Washington towards the U.S. Capitol to rally and demand that the Congress investigate the National Security Agency's mass surveillance programs Saturday, Oct. 26, 2013. ( AP Photo/Jose Luis Magana)
Surveillance cameras are visible near the U.S. Capitol in Washington Saturday, Oct. 26, 2013, during a rally to protest against the National Security Agency's spying on Americans, and to demand action from Congress on the NSA's mass surveillance programs. ( AP Photo/Jose Luis Magana)
Surveillance cameras are visible near the U.S.Capitol in Washington Saturday, Oct. 26, 2013, during a rally to protest against the National Security Agency's spying on Americans, and to demand action from Congress on the NSA's mass surveillance programs. ( AP Photo/Jose Luis Magana)
Demonstrators holds up banners with the picture of Edward Snowden during march outside of the Capitol Hill demanding Congress investigate the National Security Agency's mass surveillance programs in Washington Saturday, Oct. 26, 2013. (AP Photo/Jose Luis Magana)
Demonstrators march through Washington towards the National Mall for a rally to demand that Congress investigate the National Security Agency's mass surveillance programs Saturday, Oct. 26, 2013. ( AP Photo/Jose Luis Magana)
Laura Murphy, Director of the Washington Legislative Office of the American Civil Liberties Union (ACLU), speaks during a rally outside of the U.S. Capitol to demand that Congress investigate the NSA's mass surveillance programs on Saturday, Oct. 26, 2013, in Washington. ( AP Photo/Jose Luis Magana)
Demonstrators march through Washington towards the National Mall to rally and demand that the U.S. Congress investigate the National Security Agency's mass surveillance programs Saturday, Oct. 26, 2013. ( AP Photo/Jose Luis Magana)
Demonstrators gather and rally near Union Station in Washington to demand that Congress investigate the National Security Agency's mass surveillance programs Saturday, Oct. 26, 2013. ( AP Photo/Jose Luis Magana)
Demonstrators march through Washington towards the U.S. Capitol to rally and demand that the U.S. Congress investigate the National Security Agency's mass surveillance programs Saturday, Oct. 26, 2013. (AP Photo/Jose Luis Magana)
Demonstrators protest outside of the U.S. Capitol in Washington during a rally to demand that the U.S. Congress investigate the National Security Agency's mass surveillance programs Saturday, Oct. 26, 2013. (AP Photo/Jose Luis Magana)
Demonstrators march outside of the U.S. Capitol in Washington during a rally to demand that the U.S. Congress investigate the National Security Agency's mass surveillance programs Saturday, Oct. 26, 2013. ( AP Photo/Jose Luis Magana)
Demonstrators gather at Union Station in Washington for a march and rally to demand that the U.S. Congress investigate the National Security Agency's mass surveillance programs Saturday, Oct. 26, 2013. ( AP Photo/Jose Luis Magana)
Demonstrators protest outside of the U.S. Capitol in Washington during a rally to demand that the U.S. Congress investigate the National Security Agency's mass surveillance programs Saturday, Oct. 26, 2013. (AP Photo/Jose Luis Magana)
Demonstrators protest outside of the U.S. Capitol, to demand Congress investigate the National Security Agency's mass surveillance programs during a rally in Washington Saturday, Oct. 26, 2013. ( AP Photo/Jose Luis Magana)
Demonstrators gather at Union Station in Washington for a march and rally to demand that the U.S. Congress investigate the National Security Agency's surveillance programs Saturday, Oct. 26, 2013. (AP Photo/Jose Luis Magana)
Demonstrators march through Washington towards the National Mall to rally and demand that the U.S. Congress investigate the National Security Agency's mass surveillance programs Saturday, Oct. 26, 2013. ( AP Photo/Jose Luis Magana)
Demonstrators march on the National Mall in Washington to rally and demand that the U.S. Congress investigate the National Security Agency's mass surveillance programs Saturday, Oct. 26, 2013. ( AP Photo/Jose Luis Magana)
of
SEE ALL
BACK TO SLIDE
SHOW CAPTION +
HIDE CAPTION

That assessment was echoed by another former NSA employee who worked in Tailored Access Operations, the government's top hacking unit.

"Knowing how the NSA setup is, it's so unlikely that someone would hack it," the source told Business Insider on condition of anonymity. "It's just ridiculous. That's not to say they are so perfect, or so impenetrable. ... The fact that this is consolidated around one specific toolkit, I would totally agree with Dave that someone just left with an infrastructure ops disk."

'There's then a lot of panic'

On one hand, people inside the NSA are likely carrying on with "business as usual," the source said. Networks, operating systems, and platforms constantly evolve, and security research firms are often finding tools and exploits they use, so they have to find other ways to continue hacking into foreign targets.

"I've worked operations where tools were discovered and there was a lot of scrutiny on it, and I think you have to have a practical nature to it, which is, that's kind of the name of the game," the source said. "If you implant a computer, you're leaving something behind."

SEE ALSO: 'Watergate 2.0!' what lawmakers are saying about leak of their cellphone numbers

But on the other hand, the more pressing concern is in trying to understand how that data was taken, and what else could be sitting in the cache. Until NSA knows that, then ongoing operations are likely threatened.

"If you don't know how it was lost, there's then a lot of panic in terms of what else is out there, particularly from a counterintelligence perspective," the source said. "Now you have to really worry, are all of my operations exposed? I think that's very concerning to people because they want to be covert and stealth."

The source added: "That's probably the most chilling effect that you can have is to kind of have everyone second guessing themselves."

So what's next? Security researchers will no doubt continue poking through the files to get an understanding of what is inside, and the companies named will start developing patches that fix their vulnerabilities.

But a larger narrative seems to be emerging that a so-called "cyber cold war" is turning hot, especially when this exploit auction — which Aitel believes is "almost certainly Russia" — comes just two months after two different Russian hacker groups were found inside the network of the Democratic National Committee.

"The Russians are professionals," Aitel said. "They've been trying to operate against the United States for a long time. They have a lot of irons in that fire. And vice versa. We catch them and attribute to them as well."

"When you have someone messing with your presidential election, when you have somebody releasing this kind of capability, when you have the attention of policymakers," he added. "It gets less cold day by day."

NOW WATCH: FORMER CIA DIRECTOR: 'A lot of bad things happen with a Brexit'

See Also:

SEE ALSO: I hung around with hackers for a week, and now I'm completely paranoid


Read Full Story

People are Reading