Personal Security Takes A Hit With Public Release Of NSA's Hacking Toolkit

from the national-security-still-healthy,-but-always-worth-panicking-over dept

Former members of Team Espionage recently expressed their concern that the Shadow Brokers’ dump of NSA Windows exploits had done serious damage to the security of the nation. The unwanted exposure of NSA power tools supposedly harmed intelligence gathering efforts, even though the tools targeted outdated operating systems and network software.

However, there are still plenty of computers and networks online using outmoded software. This makes the released exploits a threat (especially those targeting XP users, as that version will never be patched). But not much of a threat to national security, despite the comments of anonymous former Intelligence Community members. It makes them a threat to personal security, as Chris Bing at CyberScoop points out:

One of these hacking tools, a backdoor implant codenamed DOUBLEPULSAR — which is used to run malicious code on an already compromised box — has already been installed on 30,000 to 50,000 hosts, according to Phobos Group founder Dan Tentler. Other researchers have also engineered different detection scripts to quickly scan the internet for infected computers.

John Matherly, the CEO of internet scanning-tool maker Shodan.io, said that upwards of 100,000 computers could be affected.

Rather surprisingly, data gathered by security researchers shows a majority of the infected computers are in the United States. This shows Microsoft’s steady updating push still faces a sizable resistance right here at home. What it also shows is how fast exploits can be repurposed and redeployed once they’re made public. The scans for DOUBLEPULSAR have turned up thousands of hits worldwide.

DOUBLEPULSAR is simply a backdoor, but an extremely handy one. Once installed, it makes targeted computers extremely receptive to further malware payloads.

“The presence of DOUBLEPULSAR doesn’t mean they’re infected by the NSA, it means there is a loading dock ready and waiting for whatever malware anyone wants to give it,” Tentler said. “The chances are none that all these hosts [were hacked by] the NSA.”

So, there’s that small bit of comfort. It’s not the NSA nosing around the innards of your Windows box, but a bunch of script kiddies playing with new toys… adding them to the normal rolls of malware purveyors seeking to zombify your device and/or make off with whatever information is needed to open fraudulent credit card accounts or whatever.

The NSA certainly could have informed Microsoft of these exploits before it ended support for certain platforms, thus ensuring late- (or never-) adopters were slightly more protected from malware merchants and state agencies. But that’s the Vulnerabilities Equity Process for you: no forewarning until a third party threatens to turn your computing weapons over to the general public.


Comments on “Personal Security Takes A Hit With Public Release Of NSA's Hacking Toolkit”

23 Comments
Anonymous Coward says:

Distraction, Distortion, & Ignorance

Look, it is foolish to assume that the public release of any information or tools is damaging to Personal Security or Privacy. You can’t solve problems in the dark because there is no light to see how to fix anything.

“Former members of Team Espionage recently expressed their concern that the Shadow Brokers’ dump of NSA Windows exploits had done serious damage to the security of the nation.”

Team Espionage are the ones that caused the serious damage, they are just trying to save face to “Distract” you from their wrongdoings here, by using “Distortion” of the facts to play on everyone’s “Ignorance” about technology.

A Government of Liberty and Justice cannot operate in secrecy or shadows.

Liberty and Justice can only stand in the light because its principles generate light which destroys secrets and shadows. Secrecy and Shadows require darkness so that they can be safe from the light.

When you agree that the Government can secretly spy or secretly interpret law, then you also agree that the Government will now become your master and owner and you the subject and slave.

Anonymous Coward says:

Re: Distraction, Distortion, & Ignorance

Look, it is foolish to assume that the public release of any information or tools is damaging to Personal Security or Privacy. You can’t solve problems in the dark because there is no light to see how to fix anything.

If that’s your view, using any software without publicly viewable source code (and a way to verify the binaries match) would be a mistake.

bt says:

Always running the latest

I’m sitting here running that new-fangled Win10CreatorsUpdateRelease.

I don’t understand these people who act like software companies who are so evil to make us upgrade our machines against our will all the time.

Most of the time there are solid fixes and improvements. As this little tale of WinXP vulnerabilities highlights. Even when there are things done over time that you don’t like, almost always these are more than compensated for by the stuff that is fixed.

tom (profile) says:

Re: Always running the latest

Microsoft burned a lot of folks with their near forced ‘update’ from Win non 10 to Win 10 via Windows Update. The same Windows Update that should be delivering security updates. Microsoft shouldn’t hold security updates hostage in order to encourage you to update to Win 10.

Their recent move to the new take-all-or-none updates doesn’t help either.

And the lack of privacy controls in Win 10 Creators make it very clear that Microsoft intends to monitor what you do and view with your PC and feed you Ads based on that. NO option for most to opt out.

Anonymous Coward says:

Re: Re: Always running the latest

“lack of privacy controls in Win 10 Creators”

I am no fan of M$ or Win 10 but I upgraded my Win 10 laptop to creators yesterday and was surprised to be instantly given the privacy options (which they had very nicely re-enabled all tracking features for me). In previous updates they just re-enabled them without telling me so at least I didn’t have to go hunting for the options to check they were disabled.

Anonymous Coward says:

Re: Re: Always running the latest

quote:
Microsoft shouldn’t hold security updates hostage in order to encourage you to update to Win 10.
/quote

no.. they aren’t holding them.
they simply don’t waste work hours creating security updates for unsupported operating systems, partially updated systems or unsupported silicon.

what you’re actually demanding is forced labour / unpaid labour / slavery for a system configuration it was not designed for, or intended to be used on.

Joe P says:

public hacking tools making us more vulnerable

When will Windows have features like the ability to dismount our hard drives while on the Internet and making ram directories noexec, nosuid, nodev?

Perhaps we need a national agency tasked with finding exploits and working with the major software groups. I’m sure many people would like to work for the good guys and help Microsoft, Adobe, Symantec, etc find the exploits so they can patch them.

sigalrm (profile) says:

Re: public hacking tools making us more vulnerable

“When will Windows have features like the ability to dismount our hard drives while on the Internet and making ram directories noexec, nosuid, nodev?”

Um, never?

If that’s what you want, find a Live OS DVD distro of your choosing. KNOPPIX and TAILS come to mind, but most any of the Linux install DVDs would fit the bill. Most can be installed on thumb drives with minimal effort.

And I’m sure someone will point out a Windows-based Live DVD image somewhere.

Anonymous Coward says:

Where do you get that “…chances are none that all these hosts were hacked by the NSA…” means “…not the NSA…”? Your ability to equate and reason seems to be that of a monkey. What that means is that not “all” of the attacks are those of the NSA. It does not mean that “none” of them are.
