Less than a week until TNW València 🇪🇸 Get a last-minute 30% discount on your ticket

This article was published on August 16, 2016

Snowden: NSA hack is likely a warning from Russia

Snowden: NSA hack is likely a warning from Russia
Bryan Clark
Story by

Bryan Clark

Former Managing Editor, TNW

Bryan is a freelance journalist. Bryan is a freelance journalist.

Notorious NSA contractor-turned-privacy advocate Edward Snowden today took to Twitter to discuss the details of yesterday’s ‘Equation Group’ hack. The Equation Group — allegedly an offshoot of the NSA — saw its defenses penetrated by a group calling itself ‘The Shadow Brokers.’ Eventually this data began to make its way online.

The collected data is reported to be a cache of hack tools, known as binaries. According to Snowden, these tools are uploaded onto an NSA staging server as part of on-going operations to target and trace rival malware servers. The practice is known as Counter Computer Network Exploitation, or CCNE — a process that allows NSA hackers to steal tools used by foreign (or domestic rival) hackers in order to fingerprint them.

Once fingerprinted, we can identify tools that were used in other attacks and begin to trace their origin.

After initializing the operation, NSA hackers are instructed to remove the binaries from the server. But according to Snowden, sometimes people get lazy. This leads to the tools being stolen and fingerprinted by our rivals instead — the most likely scenario in the Equation Group hack.

Snowden believes the hack is likely of Russian origin and intended to be a warning that “someone can prove US responsibility for any attacks that originated from this malware server.”

Simply put, the hackers that leaked the data on this server also provided unique fingerprints to state sponsored hacking tools. These same tools may have been used to hack rival governments, like Russia, North Korea, Iran or — to a lesser extent — China. In a worst-case scenario, they could have been used to hack our allies. If proven, this confirmation could have disastrous consequences on foreign policy.

Snowden warns that this situation could “get messy” very fast.

Get the TNW newsletter

Get the most important tech news in your inbox each week.