Today, an internet hacking collective called The Shadow Brokers dumped a giant pile of what they claim are NSA hacking tools that target Windows machines online. And unlike other recent breaches from the CIA, this might have a direct, and nasty, effect on users around the world. Here’s what you need to know, and how to protect yourself.
First, the good news: In Motherboard’s overview of the tools, they appear to date from 2013. As a result, the security consultants they spoke with generally agree that Windows 10 is safe from these tools. Everything before Windows 10, however, is vulnerable in some way.
The tools include several “zero-day” exploits, ways into a system that have not been publicly announced and thus may go undetected or unrepaired. Worse, the tools come with instructions on how to implement them, including a tool called “FUZZBUNCH,” which is essentially a toolkit to breach Windows operating systems. That makes these attacks accessible to less experienced hackers or even people with enough basic knowledge to run these tools. It may even open the door to another “worm,” a self-replicating virus that invades and shuts down computers.
The problem, even if you run Windows 10, is that everybody from the corner store to your credit-card processor may not be. It’s not clear just how pervasive the problem of “legacy systems,” old unupgraded hardware and software running businesses and key government components, really is. Furthermore, Microsoft hasn’t been upgrading the security of these systems for a while; just three days ago, it ended all support of Windows Vista.