The NSA has, at this point, a well-known leaking problem. Over the last few months, alleged NSA hacking tools and other data have been put online by a group calling themselves the Shadow Brokers. And this weekend, a big New York Times piece explored the extent of the leaks and their possible damage, but for many, it’s not clear what’s going on, who should be concerned, and why. So, here’s what you need to know.
- The group behind the leaks, calling themselves the Shadow Brokers, first appeared in mid-2016, attempting to sell government secrets: Between then and April, they leaked what they claim are government intelligence tools like computer exploits and hacking software. The most notable leak was codenamed EternalBlue, and the tools appear to date from roughly four or five years ago. Microsoft and other affected companies acted quickly to patch the flaws, which is beginning to mitigate the damage, but criticized the NSA for “hoarding” exploits to use for intelligence purposes.
- Nobody is quite sure who the Shadow Brokers are or what their real motive is: Theories range from Russian intelligence agencies attempting to demoralize the NSA to an internal leaker with an axe to grind. It seems likely it’s somebody very familiar with American culture, as the name of the group is a video game reference, and the group’s taunting blog posts use the syntax of Gollum from Lord of the Rings.
- The releases, while dated, are still dangerous: Each of the tools is software designed to make these breaches and hacks easy to carry out. It’s one thing to learn about an “exploit,” a flaw in a computer’s programming you can manipulate. It’s quite another to use that exploit effectively if you don’t have the training. That’s more or less what the Shadow Brokers have been doing over the last year or so: arming “hackers” who mostly deface websites and annoy chat rooms with more dangerous sets of weapons. The most visible examples have been a series of ransomware attacks, the most prominent of which, WannaCry, spread across the world.
- Most of the concern is at a national security level: There’s reason to be worried, in a broader, abstract sense. Now that the NSA’s digital burglary tools are all over the internet and being used to rob and annoy people, tech companies will patch exploits, fix errors, and cut off the NSA from access via this software. It’s worth remembering, however, that much of hacking into networks is not fancy code and hidden exploits; most hacking is the equivalent of lifting the potted plant next to somebody’s front door, finding the key to the house, and then pulling up out front with a moving van. The NSA isn’t crippled; it just doesn’t have as many tools at its disposal.