A group of hackers called the Shadow Brokers has just released a new dump of data from the National Security Agency. This is plausibly the most extensive and important release of NSA hacking tools to date. It’s likely to prove awkward for the U.S. government, not only revealing top-secret information but also damaging the government’s relationships with U.S. allies and with big information technology firms. That is probably the motivation behind the leak: The Shadow Brokers are widely assumed to be connected with the Russian government. Here’s what the dump means.
What information has been released?
The release is only the most recent in a series of Shadow Broker dumps of information. However, it is by far the most substantial, providing two key forms of information. The first is a series of “zero-day exploits” for Microsoft Windows software. Zero-day exploits are attacks that take advantage of unknown vulnerabilities in a given software package. Exploits against commonly used software such as Windows are highly valuable — indeed, there is a clandestine international market where hackers sell exploits (sometimes through middlemen) to intelligence agencies and other interested parties, often for large sums of money. Intelligence services can then use these exploits to compromise the computers of their targets.
Second, information in the dump seems to show that the NSA has penetrated a service provider for SWIFT, an international financial messaging service. Specifically, it appears to have penetrated a SWIFT Service Bureau that provides support for a variety of banks in the Middle East.
Read the full piece at The Washington Post.