Today, an internet hacking collective called The Shadow Brokers dumped a giant pile of what they claim are NSA hacking tools that target Windows machines online. And unlike other recent breaches from the CIA, this might have a direct, and nasty, effect on users around the world. Here’s what you need to know, and how to protect yourself.
First, the good news: In Motherboard’s overview of the tools, they appear to date from 2013. As a result, the security consultants they spoke with generally agree that Windows 10 is safe from these tools. Everything before Windows 10, however, is vulnerable in some way.
The tools include several “zero-day” exploits, ways into a system that have not been publicly announced and thus may go undetected or unrepaired. Worse, the tools come with instructions on how to implement them, including a tool called “FUZZBUNCH,” which is essentially a toolkit to breach Windows operating systems. That makes these attacks accessible to less experienced hackers or even people with enough basic knowledge to run these tools. It may even open the door to another “worm,” a self-replicating virus that invades and shuts down computers.
The problem, even if you run Windows 10, is that everybody from the corner store to your credit-card processor may not be. It’s not clear just how pervasive the problem of “legacy systems,” old unupgraded hardware and software running businesses and key government components, really is. Furthermore, Microsoft hasn’t been upgrading the security of these systems for a while; just three days ago, it ended all support of Windows Vista.
Why even do this? That remains an open question. The prevailing theory about the Shadow Brokers is that they’re connected to the Russian government. A previous release of malware tools was seen as a “warning shot,” telling US intelligence to back off lest more of its secrets be spilled. But it may be an internal leaker as well. Really, until a member of the group is found, which may be never, there’s no way to know for sure.
So, if you’re running an old Windows system, what should you do? The first step is simple: Back up all your files. This protects you from ransomware, an attempt to lock your computer unless you provide a payment in Bitcoin; you can just wipe your computer and reinstall your files. Also, you should be doing this anyway, so consider this yet another reminder to do so.
Next, if you can upgrade to Windows 10, or have been putting it off despite Microsoft’s aggressive attempts to make you, do it. That will cut off a lot of problems at a stroke, although remember that, as with any operating system, security is a relative term. If you can’t upgrade, go in and remove any personal data from your computer you can find; even just deleting emails and credit card numbers will be a positive step. Enable alerts on your credit cards and other financial data to ensure it’s protected, as well. Or, if you don’t need the computer to be connected to the internet at all, simply disconnect it.
Beyond that, use common sense. As always, common sense is the most effective bulwark against fraudsters, whether they’re on the internet or in real life. If an email seems fishy, if an offer seems too good to be true, or if a contact from a friend doesn’t seem quite right, then trust your gut and stay away. Most hackers, in the end, rely on us to click before we think, so thinking ahead remains your best defense.