Did the NSA know it was hacked? Spy agency informed Microsoft about leak but not the public
In the wake of the massive global WannaCry ransomware attacks, international governments and software vendors have begun playing the blame game. However, most of the world’s censure is directed at the NSA.
The spy agency reportedly knew about the theft of its cyberweapons arsenal, which was later allegedly leaked by the Shadow Brokers hacker group. Given the immense capabilities of the cyber arsenal, the NSA reportedly warned Microsoft about the theft, but chose not to inform the public about the potential dangers.
The NSA reportedly used its Eternal Blue tool for five years, reaping intelligence secrets from targeted systems. The Washington Post cited a former NSA official as having deemed the vast intelligence data gathered from leveraging EternalBlue as “unreal”.
“If one of our targets discovered we were using this particular exploit and turned it against the United States, the entire Department of Defense would be vulnerable,” The Washington Post cited an unnamed former NSA agent as having said. “You just have to have a foothold inside the network and you can compromise everything.”
EternalBlue, which was part of the hacking tools leaked by the Shadow Brokers in April, is the very same tool at the heart of the recent ransomware attacks. Despite Microsoft having already patched the vulnerabilities, the firm released a patch in March, a month before the Shadow Brokers leaked the EternalBlue, among other exploits; cybercriminals repurposed the exploit and unleashed devastating attacks across the globe on 12 May.
Shortly after the first of the WannaCry attacks were stopped, Microsoft publicly called out the NSA over its practice of stockpiling cyberweapons. The tech firm’s president Brad Smith equated the theft of the NSA cyber tools to “the U.S. military having some of its Tomahawk missiles stolen”.
“The NSA certainly failed to build an environment that protected these extraordinary secrets that we’ve got,” said a former senior US official. “We’ve got extraordinary capabilities, and it’s a huge responsibility to manage them on behalf of the nation.”
Although the world is now aware of the dangers associated with the NSA’s stolen cyber tools, the knowledge came too little, too late. The immense and imminent cyberthreats remain, as experts suggest that cybercriminals can continue to borrow and repurpose the leaked NSA exploits to wreak more havoc on cyberspace.
Meanwhile, as the world began settling back to normal following the WannaCry attacks, the Shadow Brokers posted a chilling message, promising to leak further cyber tools from its trove of the stolen haul. The hacker group said it will launch a “monthly subscription” and will begin releasing exploits for web browsers and operating systems, including Windows 10. The group also threatened to leak data from SWIFT and stolen network data from North Korean nuclear missile programmes.