Former Spies' Dubious Claim: Release Of NSA's Windows Exploits Has Seriously Harmed National Security

from the protesting-a-bit-much dept

The Shadow Brokers’ attempted firesale of NSA exploits didn’t go well. After early leaks failed to pique buyers’ interest, SB decided to start handing over the agency’s hacking tools to the general public.

The most recent dump was the most interesting. It contained a variety of remote access exploits — several of them zero days — that gave NSA operatives “God mode” control over compromised computers with fairly-recent versions of the Windows operating system.

But they were of limited use. The most recent exploitable version was Windows 8, and every version still supported by Microsoft was patched before the SB dump, most likely as the result of a belated tip from the NSA. However, older operating systems without Microsoft support are still exploitable, and will remain exploitable until those systems are updated.

Now that most of the stash is out in the open, the Intelligence Community is able to do two things:

1. Determine who is responsible for the leaked toolset.

2. Complain about it.

The latter appears to be what’s happening now. A few (anonymous) former members of the Intelligence Community are talking up what a horrible blow this is to the NSA.

Although digital exploits are used for spying rather than destruction, they allow operators to break down invisible doors, pilfering information. Seeing these latest tools published online was “devastating,” the former cyber intelligence employee said.

Three recently retired intelligence employees who worked on hacking tools for the government requested anonymity in order to speak freely about sensitive matters and to protect ongoing work and employability.

“By my estimation, there’s not much left to burn,” another former intelligence official who worked for several three-letter agencies told Foreign Policy. “The tools that were released were pretty critical.

Supposedly, this set of tools was worth millions of dollars to the NSA. If market prices in Bitcoin are anything to go by, criminals and foreign espionage agencies didn’t appear to feel they were worth much more than a few thousand dollars. Of course, potential buyers didn’t know exactly what they were getting. Others probably figured the exploits would be patched into irrelevance by the time they got their hands on them.

The “sky is falling” narrative tends to follow every leak of national security documents, starting with Snowden’s, which damaged the NSA so much it’s in better shape than ever. There may have been some valuable tools in the SB stash, but the moment they ended up in someone other than the NSA’s hands, they became relatively worthless to the agency.

But what was released, however powerful, was outdated. The stash appeared to be a 2013 vintage — valuable in its prime, but no longer quite as useful after Microsoft’s forced migration of Windows users to version 10. The NSA is undoubtedly sitting on a stash of current exploits far more valuable than what it lost when someone left a bunch of hacking tools behind in a compromised server.

The public gnashing of natsec teeth also serves another purpose: it hopefully encourages surveillance targets to let their guard down a bit. By projecting the image of an intelligence agency fumbling around in the dark, the agency can very likely obtain a few new intercepts from careless foes it catches relaxing.

Filed Under: , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Former Spies' Dubious Claim: Release Of NSA's Windows Exploits Has Seriously Harmed National Security”

Subscribe: RSS Leave a comment
Peter (profile) says:

Two more things the Intelligence Community could do:

1: Explain why they did not share details about secret security holes with software producers when the tools were stolen.
2: Explain why they did not buy the tools back in the firesale, just to take them off the market.

Any possible justification for keeping knowledge about security holes secret went out of the door the minute the tools were stolen!

PaulT (profile) says:

Re: Two more things the Intelligence Community could do:

“2: Explain why they did not buy the tools back in the firesale, just to take them off the market. “

How would buying digital tools from a digital marketplace take them off the market? Unless you mean bribing the leakers to take them off, but then how would you control the distribution of the tools by anyone who had already obtained them?

PaulT (profile) says:

“The stash appeared to be a 2013 vintage — valuable in its prime, but no longer quite as useful after Microsoft’s forced migration of Windows users to version 10.”

I agree up to this point. MS may have forced a lot of people to “upgrade”, but it was nowhere near 100%. A very large number of those people either reinstalled a pre-Windows 8 version or found ways to by pass the “upgrade”, especially when it was forced on people who refused it during the “free” phase.

I’d actually argue that if anything has decreased the US’s national security due to these leaks, it’s Microsoft’s horrific handling of the Metro interface that’s caused so many to avoid and reject its newer products. Few would have complained about the patching and security of Windows if it hadn’t been so closely tied with the mandatory use of an interface so many people dislike.

Anonymous Coward says:

Who is "The Nation"?

So who does NSA define as the Nation when they say they are protecting National security? Is it the people, the government or themselves and their deep state buddies?

Because fundamentally if National Security is not about protecting the people, why is it that we keep funding the security theater? FISA, TSA, Homeland Security, militarizing the police, encryption back doors, the Patriot Act, the Patriot Act’s younger brother the USA Freedom Act, etc, etc. None of this seems aimed at security for the people but more security and secrecy for the government and it’s deep state allies to protect themselves from oversight and for self enrichment.

There was a law recently enacted (and repealed, unfortunately) that required Stock Brokers to work in the interest of their customers. We need something like that for Congress and all of the other branches of government and their agencies, that they be required to work in the interest of the people. Right now they are just working for themselves.

Anonymous Coward says:

Re: Re: Who is

Recently, there seems to be a contingent of numbsculls (or maybe it’s just you?) roaming around here on TD that have decide to necessarily equate the term "Deep State" with some sort of Alex Jones’ish, tin foil hat, conspiracy theory. Please stop, you’re making fools of yourselves.

While it’s true that the term "Deep State" is often borrowed by conspiracy theorists to make some pretty dubious/unsupportable claims, the existence, mechanics, and motives of the "Deep State" itself is well discussed/documented/analyzed by some very reasonable and respected individuals (e.g., Mike Lofgren, C. Wright Mills, and Dwight Eisenhower). Not to mention, the Deep State operates in plain sight for all to readily observe if they care to look.

To use Lofgren’s definition, the Deep State is "a hybrid association of elements of government and parts of top-level finance and industry that is effectively able to govern the United States without reference to the consent of the governed as expressed through the formal political process." Or Mills observation (circa 1956), "American power had become concentrated into three major divisions; the military-industrial complex, Wall Street, and the Pentagon."

So please do tell us, how does that not describe – nearly perfectly – exactly what we’re seeing from our government and industry today?

That’s not conspiracy theory son, that just looking out your window.

DannyB (profile) says:

Damaged National Security

Doesn’t making vulnerabilities public IMPROVE national security? Not damage it?

Once the vulnerabilities are known, the vendors / providers of affected software can patch those vulnerabilities making their software, and our nation more secure against hackers, including other nation states.

Given two conflicting goals, I would rather that our systems be more secure than our adversaries systems be less secure. Both would be nice, but if I can’t have both, I would rather our systems be more secure.

Anonymous Coward says:

Re: Damaged National Security

Once the vulnerabilities are known, the vendors / providers of affected software can patch those vulnerabilities making their software, and our nation more secure against hackers, including other nation states.

Can patch, yes. Will patch, not necessarily. As noted in the Techdirt article, and in some of the comments upthread, although Microsoft has released free patches to address these vulnerabilities on certain newer Windows OSes, they have not and will not address the vulnerabilities on older Windows that they deem to be "out of support" / "end of life." Additionally, Microsoft’s general approach to patching is that if you want anything, you will take what they give you when they deign to give it, including any unwanted changes that they decide to pack along for the ride. You cannot get just spot fixes for vulnerabilities and keep everything else unchanged.

Anonymous Coward says:

Dear NSA and American Congress

You have damaged National Security in a reckless and dangerous pursuit of power more than any single release of classified information or hacking tools.

You constantly hide and play in the shadows. You constantly make secret interpretations of law and emphatically and consistently disregard the Constitution in pursuit of your power & control.

As per the natural cycle there will come a time when citizens have grown tired of the lies, deceit, decadence, and disrespect. When that happens, your greatest enemy will be your own, you already know this because you are already preparing for it. And your preparations for it, will only ensure that it comes. As you tighten that grip, more will only slip through your grasp!

The ONLY lesson learned from history, is that no one learns from it! Especially Governments!

Anonymous Coward says:

It should be noted that many business softwares are still running XP. An OS no longer supported by Microsoft. Therefore no patch will be issued. Microsoft has also ended support for Vista and Win 7, many are still using those OSes. Especially given the spyware mania Microsoft has been on.

Something else not noted and carefully stepped around, is when Vista first came out, the hardware vendors could not come up to snuff on the requirements that Vista needed to run everything. Instead Microsoft downgraded early Vista to allow a “Vista Capable” that would run Vista at bare minimums.

I have one of those early machines. I’ve tried a couple of times to upgrade it to Vista II, only to have it lock up on reboot and never complete the booting sequence. Without Vista II you can not get the protection needed against these NSA tools.

So in essence, this article is correct. Much of the computing world isn’t running Win 8 nor Win 10. The nation is at risk due solely to NSA’s developing these tools and then when stolen did not notify the software makers to patch their holes. In this NSA is at fault more than anyone else.

That One Guy (profile) says:

Here's a thought...

Maybe if they were so concerned about protecting the public they would have informed MS about the vulnerabilities immediately, as soon as they found them, so that they could be patched, rather than waiting years to do so, only when they realized that someone else had rooted through their toys.

Spare me the crocodile tears, the NSA doesn’t give a damn about the impact on the public here, the only thing it cares about is that some of the toys it has are now less useful for it to exploit.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...