Trump is bringing someone who openly works with Putin's propaganda channel Russia Today to get his first classified intel briefing. Amazing.
— Garry Kasparov (@Kasparov63) August 16, 2016
Something happening here… I have absolutely no idea how to judge to quality of the latest Alarming Security News, which is why I’m sharing it with you late-night/left-coast tech people. First story I ran across was in Mother Jones:
… The NSA, responsible for intercepting communications around the world, appears to be the latest victim of hacking, at least indirectly, according to multiple news reports. A group calling itself the Shadow Brokers released a series of files on Saturday that contained the code behind some powerful hacking tools developed by an NSA-linked group. Those tools have been used to carry out cyberattacks on other governments and private corporations across the world over the last 20 years, according to Forbes.
The Shadow Brokers released a series of files that included installation files and descriptions of networks used for a number of different hacking tools that they claimed to have stolen from the Equation Group—the name security researchers gave to a group of hackers who deployed cyberweapons on behalf of the United States and other Western governments. This group was unmasked in early 2015 by Kapersky Labs, a Russian security research firm. The Equation Group is believed to have been affiliated with the NSA and other Western intelligence agencies, according to security researchers, and is perhaps the most wide-ranging and successful hacking group ever publicly discussed…
Then, in Gizmodo, “Yeah, The NSA Was Probably Hacked”:
… Hacking group “The Shadow Brokers” made headlines Monday when it leaked files that supposedly belonged to “Equation Group,” which has widely been speculated to be an NSA hacking offshoot. When researchers from Kaspersky analyzed Equation Group, they found codenames also found in documents leaked by Snowden. The Shadow Brokers only released some of the files, which computer security experts have deemed as legitimate, and are asking for millions of dollars in bitcoins to release the rest. The files supposedly contain the frameworks for multiple NSA hacking tools.
According to Snowden, some NSA spies may have gotten lazy, and left their hacking tools on the malware staging server…
(Because the wetware is always the most unpredictable risk factor in any security project.)
And now, the NYTimes makes it ‘official’…
… Most outside experts who examined the posts, by a group calling itself the Shadow Brokers, said they contained what appeared to be genuine samples of the code — though somewhat outdated — used in the production of the N.S.A.’s custom-built malware.
According to these experts, the coding resembled a series of “products” developed inside the N.S.A.’s highly classified Tailored Access Operations unit, some of which were described in general terms in documents stolen three years ago by Edward J. Snowden, the former N.S.A. contractor now living in Russia.But the code does not appear to have come from Mr. Snowden’s archive, which was mostly composed of PowerPoint files and other documents that described N.S.A. programs. The documents released by Mr. Snowden and his associates contained no actual source code used to break into the networks of foreign powers…
By midday Tuesday Mr. Snowden himself, in a Twitter message from his exile in Moscow, declared that “circumstantial evidence and conventional wisdom indicates Russian responsibility” for publication, which he interpreted as a warning shot to the American government in case it was thinking of imposing sanctions against Russia in the cybertheft of documents from the Democratic National Committee.
Around the same time, WikiLeaks declared that it had a full set of the files — it did not say how it had obtained them — and would release them all in the future. The “Shadow Brokers” had said they would auction them off to the highest bidder…
“It certainly feels all real,” said Bruce Schneier, a leading authority on state-sponsored breaches. “The question is why would someone steal it in 2013 and release it this week? That’s what is making people think this is likely the work of Russian intelligence.”…
(Bruce Schneier, at least, is a name I recognize as trustworthy.)
So… is this just more booga-booga to scare us rubes before the election? Or is this really another step forward to a dystopia divided between the Global Panopticon and black-bloc anarchists?
Trentrunner
WSJ reports that Trump has hired Breitbart’s Steve Bannon to run his campaign and Kelly Anne Conway has been promoted.
Nobody…NOBODY puts Manafort in a corner!
Mnemosyne
An interesting dodge by the article:
So it’s not necessarily that Snowden didn’t walk away with any of that source code, just that he hasn’t publicly released it. Things that make you go hmmmm ….
Ruckus
Schneier’s site says basically the same as the sources you have, his quotes are from people he seems to trust, which may be some of the same people. Nothing really different from what you posted.
seaboogie
Given that this is our intelligence community at work, I fully trust them not to give Trump any sensitive information – and also trust that they can play a bit. As in Manafort says “but this is not what the Kremlin is telling me….”. We are back to Spy v. Spy
Mnemosyne
@seaboogie:
The Obama administration keeps saying that Hillary and Trump will get the exact same briefing. However, I’m assuming that the former Secretary of State is far better equipped to connect the dots and fill in any gaps than Trump is.
ChrisGrrr
(Bruce Schneier, at least, is a name I recognize as trustworthy.)
QFT.
I don’t recall any fearful self-promotion or testicularless government fellating.
Brachiator
Scare us into doing what?
If anything, wouldn’t it be up to Congress and the president to do something about this?
Hmmm. Now I’m starting to worry. Republicans. Do something intelligent. Nope. Can’t see it happening.
amk
And the wingnutz called the kenyan the manchurian candidate.
mtmofo
NYT article on TRump shake-up
http://www.nytimes.com/2016/08/18/us/politics/donald-trump-stephen-bannon-paul-manafort.html?_r=0
Raven Onthill
Schneier’s own commentary, also citing Weaver’s “NSA and the No Good, Very Bad Monday.” Some of the comments, even, are good.
But this quote:
So now we have Russia apparently trying to blackmail … President Obama? One cannot make this up!
MikeTheZ
@Trentrunner: Jesus Christ, I can’t imagine what the next week is going to be like aside from “ugly”.
sukabi
Seems strange that only dems were hacked, if another gov. Was going to meddle why target only one of the two governing parties? Seem like they’d go after gov. Agencies instead…. Unless it was a special favor for someone.
Schlemazel
Nation-state teams from any moderately competent country (North Korea can do it for crisssakes) can own anyone -a.n.y.o.n.e. That includes the NSA, who would be harder but not impossible. If you read what we did to Iran’s nuclear centrifuges, systems that were not connected to the Internet at all, you should understand that I mean anyone literally. It is a lot harder to breech the NSA but if they got sloppy (and all humans get sloppy if you let them) they may have made it easier. My hope is that they were smart enough to protect the important stuff & what was taken was only important & not critical. If they got the NSAs 0-day stuff we are well and truly screwed.
My guess is that people have breached both parties and many campaigns, it would make sense from an intel standpoint for Russian and China to see what they can learn about the people and their strategies. That they only release one set makes me ask what their game is.
JMG
@Schlemazel: Their game is the same as all intelligence services, earn larger budgets and more influence by showing how awesome they are to their boss or bosses. Due to the enormous volume of useless information the NSA sucks up every day, its own secrets are probably most secure on the purloined letter principle, getting through the horse shit to find the pony is a gargantuan task.
MomSense
@seaboogie:
I would not be surprised if they fed Trump some misinformation in with his security briefing which will have just enough good stuff to make them chase down the credibility of it all.
MomSense
@sukabi:
Who says RNC wasn’t hacked? The info just wasn’t released.
Enhanced Voting Techniques
@MomSense:
Interesting all those Republican candidates except for Cruiz, the lawyer, were playing softball with Donny in the primary.
Robin Gittelman
@amk: It’s always projection with these people