Hackers Claim to Be Selling Secret U.S. Spy Software

A group called the Shadow Brokers appears to be in possession of NSA code, though it’s unclear exactly how powerful it is.

A hacker group claims to be selling U.S. government cyber spying tools in an online auction, and experts suggest the software belongs to the National Security Agency.

The previously unknown hacking collective, which calls itself the Shadow Brokers, claims to have stolen code from the computer espionage team known as the Equation Group—a secretive organization identified last year by Russian security firm Kaspersky. At the time, Reuters claimed that the Equation Group was the work of the U.S. National Security Agency.

The Shadow Brokers have posted sample code from their alleged hack to the website Pastebin to prove their legitimacy to potential buyers. The collective claims that the software it has published can be used to break into firewall software from companies like Cisco Systems and Juniper Networks. A security expert speaking to Reuters says the code that has been made public “appears to be relatively old.” But several security experts have told the Wall Street Journal that it does at least appear to be genuine, and one claims that it looks “like a tool kit from the NSA.”

NSA headquarters in Fort Meade, Maryland.

Edward Snowden has published a series of tweets suggesting that he also believes these pieces of software originate from the government organization. He speculates that the hack may have been made possible if NSA employees left code on staging servers following an operation, where a third party that was monitoring the agency's operations could discover it. That’s a slightly more nuanced description than the account published in broken English by the hackers themselves:

We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see. This is good proof no? You enjoy!!! You break many things. You find many intrusions. You write many words. But not all, we are auction the best files.

According to Snowden, it wouldn’t be the first time the NSA has been hacked in this way. “The hack of an NSA malware staging server is not unprecedented, but the publication of the take is,” he explained on Twitter. “Circumstantial evidence and conventional wisdom indicates Russian responsibility. This leak is likely a warning that someone can prove U.S. responsibility for any attacks that originated from this malware server. That could have significant foreign policy consequences.”

Despite Snowden’s assertion about Russian involvement, it still remains unclear who is behind this particular operation. It’s also unknown how up-to-date or powerful the rest of the code obtained by the Shadow Brokers actually is. Perhaps unsurprisingly, the hackers reckon that the software being auctioned off is of higher quality than the code the group freely published, claiming that the tools it’s selling are “better than Stuxnet.”

The highest bidder will get to find out. Or for the princely sum of one million bitcoins (about $568 million), the Shadow Brokers say, they will publish the code publicly so the entire world can see it. The true cost, however, may yet prove to fall on the NSA.

(Read more: Wall Street Journal, Pastebin)
