The NSA hasn’t had a great few years. And it isn’t getting any better.
First it was Snowden and dumping documents on seemingly a weekly basis. There were two schools of thought regarding Snowden. Some said he was a hero for disclosing illegal government actions Others said that he was a traitor for disclosing national security secrets. The leaks seem to have stopped at this point. For now!
There are a couple of important distinctions about Snowden. First, we know who he is and where he is. Second, he disclosed documentation. Directions. Information.
The second major breach is the Shadow Brokers. Where Snowden leaked documents, Shadow Brokers leaked tools. Going back to those distinctions, we do not know WHO the Shadow Brokers are or WHERE they are. These tools are now available on the open market and while some of the flaws these tools exploited have been patched, it doesn’t mean that people have applied those patches. Remember the WannaCry infection that cost Fedex $300 million and Merck $600 million – so far? Yup. One of those tools that was released. And for which there were patches issued but not applied. And that was only ONE of the tools.
The New York Times ran a great article on the issue yesterday (see link below) that talks about how these breaches have affected the NSA (and the CIA with its own leaks).
The problem is that with so many employees and contractors, and the ease with which someone can sneak out a gigabyte of data on a device the size of your finger tip, it is a hard problem.
So they have been conducting witch hunts. Given that they don’t know who or how many bad guys there are, they really don’t have much of a choice, but that certainly doesn’t improve morale.
One of the guys the Times interviewed for the article was a former TAO operative. TAO is the NSA’s most elite group of hackers. He said that Shadow Broker had details that even most of his fellow NSA employees didn’t have, so exactly how big is this leak anyway? And is the leaker still there? Is the leaker an insider? Or have the Ruskies totally penetrated the NSA?
And, of course, the NSA has to start over finding new bugs in systems since the vendors have, in many cases, patched the bugs that the NSA tools used. Then we have that NSA developer in Vietnam who took homework and ultimately fed it to the Ruskies – not on purpose, but the effect is the same.
It just hasn’t been a good couple of years for the NSA or the intelligence community. On the other hand, as we hear more about the hacking of the elections last year, the Russians seem to be doing pretty well.
One last thought before I wrap this up.
The government, many years ago, decided that OFFENSIVE security was much more important than DEFENSIVE security. This is why the NSA hordes security vulnerabilities instead of telling the vendors to fix them. Maybe that is an idea that needs to change. It certainly does not seem to be working out very well for the American citizens and businesses.
Until that happens, you are pretty much on your own. Just sayin’.
Information for this post came from a great article in the New York Times.