Shadow Brokers

 


ABC News had an interesting story yesterday about a hacker group called “Shadow Brokers” releasing information related to the National Security Agency’s loss of some of its most closely guarded hacker tools.

OK maybe not that closely guarded. Per the article:

“A group calling itself “Shadow Brokers” says it has released another gem from its trove of high-level hacking tools stolen from the U.S.’s National Security Agency, potentially offering added insight into how America’s spies operate online.

The leak discloses NSA-style codenames — including “Jackladder” and “Dewdrop”— and carries internet protocol information about scores of organizations, many based in Japan, China and South Korea, according to several experts who have examined the data.”

It looks like yet another embarrassment for the NSA, which seems to have generated plenty over the past few years.  When hacker groups get to troll the NSA with their own hacking tools, it’s like getting a wedgie and being stuffed in a locker for that most secret of American spy agencies.  This caught my eye:

“The Intercept, an investigative publication with access to NSA material leaked by former intelligence contractor Edward Snowden, later confirmed Shadow Brokers’ tools were really from the NSA by cross-referencing the leaked data with information held in a previously unpublished top secret manual.”

That seems to tell me that intimate knowledge of these hacker tools has been out there since Snowden defected.  Glenn Greenwald may not have published the details in The Guardian, but I’m sure whatever laptop he kept Snowden’s data on was a target of every intelligence agency in the world, so the entire worldwide intelligence community must have been aware of some of the specifics of these hacker tools for years.

And then, somehow, these tools got released.

At some point.

That gets kind of cloudy.  It was revealed publicly a few months ago that not only had the hacking tools been leaked, but that it may have been due to carelessness.

“Embarrassingly, an investigation into the matter has revealed that a NSA operative may have inadvertently left the hacking tools in question on a remote computer, effectively leaving it behind as a gift to whomever discovered it.”

At this point, maybe it’s time for the NSA to wear a dunce cap and sit in the corner?

But wait, there’s more:

“Interestingly enough, a U.S. operative is said to have left the hacking tools behind about three years ago.”

Now I wonder what else happened in the intelligence community three years ago?  That’s right, that’s when Snowden defected.  Now it seems a bit of a coincidence to me that at about the same time Edward Snowden began his ‘round the world defection tour, in a totally unrelated incident, some random NSA employee loses a laptop containing some of the most valuable hacking software in the world.

Now here is where I get confused.  Harold Martin III, an NSA contractor employed by Booz Allen Hamilton, was arrested in August for pilfering an unbelievable amount of classified material that he had stolen from work and was keeping at home.  Per The New York Times:

 “Investigators pursuing what they believe to be the largest case of mishandling classified documents in United States history have found that the huge trove of stolen documents in the possession of a National Security Agency contractor included top-secret N.S.A. hacking tools that two months ago were offered for sale on the internet.

They have been hunting for electronic clues that could link those cybertools — computer code posted online for auction by an anonymous group calling itself the Shadow Brokers — to the home computers of the contractor, Harold T. Martin III, who was arrested in late August on charges of theft of government property and mishandling of classified information.”

So this is why I’m confused.  The FBI is trying to make a case that Martin sold or tried to sell NSA hacking tools to the Shadow Brokers hacking group; the same hacking tools that were inadvertently lost three years ago?

“But so far, the investigators have been frustrated in their attempt to prove that Mr. Martin deliberately leaked or sold the hacking tools to the Shadow Brokers or, alternatively, that someone hacked into his computer or otherwise took them without his knowledge.”

The tools were lost three years ago.  The FBI thinks that Martin sold them to the hacker group, and per the ABC article, everyone agrees that the hacker group Shadow Brokers does have the hacking tools, right?

Somebody can’t keep their story straight.  Did the Shadow Brokers get the tools from the loss from three years ago or from Martin more recently?  And is Martin that good that if he did sell the tools, he left no tracks, including payment?  Since he’s sitting in jail, facing a lifetime of more of the same, it would seem that he would have an incentive to cut a deal.

Let me posit an alternative explanation.  I won’t even call it a theory since I have no evidence or no knowledge one way or the other.  But try this on for size:

When the after action on Snowden’s stolen material was reviewed, it became clear that a technical manual that has specific information about the NSA hacking tools was part of Snowden’s stolen intelligence material.  Greenwald never published it, no doubt because it was technical and he had no idea what it was, but just having it in his possession made the material vulnerable since Greenwald became a target for every intelligence agency in the world once it went public that Snowden gave him all of his ill-gotten gains.

So the information on the hacking tools is out there, even if the tools themselves are not.  But there is no doubt enough technical data that would make it possible for a sophisticated intelligence service to perhaps identify and defend against those particular tools. So maybe, just maybe, the NSA wants to muddy the waters a bit by “losing” their tools, only to be found by a hacking group which then brags about having them and uses them to intrude into systems worldwide.

So…what if the tools were never lost, or stolen by Martin?  What if it’s an elaborate setup to create a black hat hacking group that can be the fall guy for failed or identified computer systems intrusions?  Since the technical manual stolen by Snowden is out there, that means the useful shelf life of these hacking tools is limited, so an entirely new set of software has to be created, but that takes time.  In the meantime, there is a fall guy for failed or identified computer intrusion operations, the Shadow Brokers.  Wouldn’t it be ironic if the Shadow Brokers are nothing but a creation of the Shadow Factory?

Do I think this is likely?  Sadly no.  It’s more hope than anything else. Or it’s a good episode of The Blacklist or Scorpion.  But I would rather believe that as opposed to the alternative public explanation that not only did the NSA lose information on almost every major intelligence program to Snowden, but that it lost the US technical edge in cyber warfare to an accident.

 

My Post Vacation Links


I just drove back from vacation and boy are my…wheels tired.  OK admittedly that’s not exactly a keeper, but hey, I’ve been on vacation. But even on vacation, the learning never stops, so I’ve come across a few articles that I thought were insightful enough to pass on.

First up: ‘Revisiting Snowden’s Hong Kong Getaway’ in the Wall Street Journal.  Yeah I know it’s behind a pay wall but just Google the article title.  Sshh!  Don’t tell The Wall Street Journal this is their secret back door!

Although I try to keep up with the Snowden story, this had some tidbits I wasn’t aware of, such as Snowden vanishing from the time he arrived in Hong Kong on May 20th to the 31st of May.  Where was he?  There are no records of hotel or credit charges during those dates.  Mysterious…

 


Jonah Goldberg has a G File that is a testament to how good a writer he is when he can plug something worthwhile into an article that’s meant to be a throwaway email newsletter. In ‘The Importance of the Family,’ Goldberg argues that the family is the State’s biggest competitor and on the political level, Democratic political success is dependent on a disintegrating family unit.

 

 


No links post could be complete without something from Mark Steyn.  In ‘Letting the IRS Get Away with it,’ Steyn points out one of the more troubling aspects of the IRS scandal; the release of donor lists of 501(c)3 organizations in order for leftwing activist groups to go after the donors personally.  It’s a chilling free speech issue.

 

 

 

 

 

 

 


And just for fun, a blog recently posted an old Bob Newhart classic bit, ‘The Driving Instructor.’  Comedy is one of those things that its practitioners can grow out of, either because they’ve worn out their shtick, they’re no longer creative enough to produce new material, or they just get too old period.  In the case of Bob Newhart, based on his recent appearances on ‘The Big Bang Theory,’ he is just as good now as he was over 50 years ago.  In Newhart’s case, his shtick is his delivery.  No other comedian has mastered the art of deadpan delivery as Newhart has.

 

 

Snowden’s Snow Job and Left-Right Inconsistency

Well it looks like the government finally went ahead and filed charges against Edward Snowden under the Espionage Act.  To me, that’s good news, although I think the odds of the US ever getting its hands on Snowden again are vanishingly small.  I’m pretty sure that Snowden will get to stay somewhere, whether it’s in China,  Iceland, or  Russia, where he is now.  Putin made a sanctuary offer to Snowden.  I’m pretty sure there are plenty of folks in Russia’s intelligence services that would love to sit down with Snowden and have a chat.

When I wrote about Snowden’s release of classified information a few weeks ago, I was reveling in the liberal hypocrisy that saw nothing wrong about these NSA programs, even though similar disclosures during the Bush era sent the left into a state of rage overload.  But I shouldn’t have laughed so quickly. As more information about Snowden came out, the right began to anoint him a hero.  How could the same people who (rightly) called Bradley Manning a criminal now call Snowden a hero and patriot?

Snowden violated his nondisclosure agreement, released classified documents to a foreign newspaper, and then promptly fled to Red China, where he revealed the extent of US spying on China, and then off to Russia.  That sort of description usually describes a hero to the left, not the right.  But I was pilloried on political forums for simply pointing out that Snowden betrayed his country…by the right.

That could have just been my own anecdotes that have no bearing on the national conversation, except the switcheroo is made clear in polling.  More Democrats support the phone metadata program than Republicans.

That tracks pretty closely to whether Americans think Snowden was right or wrong to release information on the NSA programs.  Democrats think Snowden was wrong by 49% to 39%.  Republicans?  They think Snowden was right 49% to 38%. Besides the embarrassment I have that most of the right now supports a traitor, it makes clear that for most people, they are supporting their team, not necessarily their principles.  I’ve always prided myself on my consistency, but I didn’t really think I was that unique in being supportive of principles rather than whether the other guy was wearing a red shirt or a blue one.

I will have to reconsider that.
