Security companies sent scrambling after ‘auction’ of NSA tools
Associated Press
PARIS
The leak of what purports to be a National Security Agency hacking tool kit has set the information security world atwitter – and sent major companies rushing to update their defenses.
Experts across the world are still examining what amount to electronic lock picks. Here’s what they’ve found so far.
The tool kit consists of a suite of malicious software intended to tamper with firewalls, the electronic defenses protecting computer networks. The rogue programs appear to date back to 2013 and have whimsical names such as EXTRABACON or POLARSNEEZE. Three of them – JETPLOW, FEEDTROUGH and BANANAGLEE – have appeared previously in an NSA compendium of top-secret cyber-surveillance tools.
The auctioneers claim the tools were stolen from the Equation Group, the name given to a powerful collective of hackers exposed by antivirus firm Kaspersky Lab in 2015. Others have linked the Equation Group to the NSA’s hacking arm, although such claims are extraordinarily hard to settle with any certainty.
The leaked tools “share a strong connection” with the Equation Group, Kaspersky said in a blog post late Tuesday. The Moscow-based company said the two used “functionally identical” encryption techniques.
The leaked tools also appear to be powerful, according to a running analysis maintained by Richmond, Va.-headquartered Risk Based Security.
The group said several of the vulnerabilities targeted by the malware – including one affecting Cisco firewalls – were previously unknown.