Over the past month stolen from the arsenals of the NSA’s cyber weapons were used against two very different partners of the US — Britain and Ukraine.
The NSA is keeping silent, not acknowledging his involvement in the development of this weapon. Officials from the White house leaving many questions and argue that the focus should be on hackers and not on the manufacturer of cyber weapons.
But the victims of the attacks are unlikely to appreciate the silence, because attackers use these weapons against hospitals, nuclear facilities and American companies. There is a growing concern that the intelligence Department of the USA were quick to create a digital weapon, but can’t save it from enemies or deactivate in the case of getting into the wrong hands.
On Wednesday, the louder sounded the requirements for the NSA to think about their role in recent cyber attacks, because victims of the attacks and the company’s information technology raised a fuss and started complaining. A member of the house of representatives and a former air force officer Ted Liu (Ted Lieu) (Democrat from California), working in the legal Committee of the house of representatives and the Committee on foreign Affairs, called on the NSA to assist in the fight against these attacks and to stop accumulating knowledge about computer vulnerabilities that underlie these weapons.
On Wednesday evening, a representative of the national security Council in the White house Michael Anton (Michael Anton) wrote a letter in which he noted that the state “uses a well-organized, coordinated between different departments in the decision-making process on disclosure of known vulnerabilities” in software, “unlike all the other countries of the world.”
According to Anton, the administration seeks to “responsibly seek a balance between the interests of national and public security”. However, he declined to comment on “the origin of the codes within the malware”.
Moreover, the authorities lay the blame on others. Two weeks ago, the United States, through its Department of homeland security announced the availability of the government has evidence that North Korea conducted in may, a series of cyber attacks using the virus-the extortioner WannaCry, which shut down hospitals, Railways and production lines. The attack, carried out Tuesday against targets in the Ukraine, and then spread throughout the world, this is likely the handiwork of Russian hackers, although the culprit has not been named.
In both cases, the attackers used the tools for hacking that use vulnerabilities in Microsoft software. These tools were stolen from the NSA, and the group called Shadow Brokers said about them in April. First she put the NSA cyber weapon for sale, and recently even suggested malware tools Agency subscribers for a monthly fee.
The group Shadow Brokers remains a mystery, but former intelligence officers have reported that they know where there is a new cyber weapon: a secret unit of the NSA, which until recently was called the group operational penetration into computer networks of the enemy.
While the government remains silent, the private sector is not going to be silent. President of Microsoft brad Smith (Brad Smith) said bluntly that the NSA is the Creator of the vulnerabilities that today wreak havoc and urged the Agency “to think about the damage to the civilian, which occurs due to the accumulation of such vulnerabilities and use of such malware”.
For American intelligence agencies, which have invested billions of dollars in creating the Arsenal of cyber-weapons used against the Iranian nuclear program, North Korean missile tests and militants from the “Islamic state” (banned in Russia organization — approx. TRANS.), what is happening in the world today is a true digital nightmare. It’s like that in the air force would lose some of its most advanced missile, and then discovered that the enemy launches their American allies — but would not recognize that the missiles were created for use by Americans.
Officials lament about the fact that the damage from leaks Shadow Brokers can be much more serious, and that the NSA can be used to destroy critical infrastructure in allied and in the United States.
“Whether it’s North Korea, Russia, China, Iran or the Islamic state — in almost all hot spots are present cyberalert,” he said during a recent interview with former Minister of defense and Director of Central intelligence, Leon Panetta. This was even before the NSA cyber weapon turned against American interests.
“I don’t think we fully understand what can happen as these sophisticated viruses can spontaneously mutate and are increasingly appearing in other areas where we would not want to see them — said Panetta. — With such a threat we will face in the near future.”
Tactics of the remnants of the American cyber weapons is not new. The constituent parts of the computer virus Stuxnet, which struck seven years ago, Iranian centrifuges to produce fuel for Iranian nuclear weapons, was also used in some attacks.
Over the past two months, the attackers modified the latest models of cyber-weapons, NSA stealing data from American companies. Cyber criminals are using it to theft of the digital currency. It is believed that North Korean hackers have used these means to obtain badly needed currency into the poorly protected institutions such as hospitals English and Japanese industrial enterprises.
And on Tuesday, on the eve of the Constitution Day in Ukraine, celebrated in honor of the first Constitution, adopted after the secession from the USSR, the attackers used the NSA developed techniques to lock the computers in the Ukrainian hospitals, shopping malls, and even systems radiation dosimetry at the Chernobyl nuclear power plant.
The so-called virus-extortionist who attracted the most attention during the Ukrainian attack, has become a kind of smokescreen to mask deeper penetration with the goal of complete destruction of the attacked computers. Although WannaCry was an emergency lock for its containment, attacked the Ukraine, the hackers deactivated the mechanism. They did so that their code could infect computers with corrective software inserts designed to protect these machines.
“We’re seeing that these opportunities are improved, and the movement is in one direction only,” said former Deputy Minister of internal security ciberpolitica Robert Silvers (Robert Silvers), now working as a partner in a law firm Paul Hastings.
First on Tuesday was attacked by Ukrainian state institutions and companies, but these attacks were also caused enormous collateral damage. It affects an estimated two thousand goals in 65 countries, including the American pharmaceutical company Merck, Danish companies Maersk Maritime transport, as well as the Russian state energy company Rosneft. In the attack was seriously disrupted subsidiaries fedex, which had to briefly suspend trading in shares of FedEx.
“When these viruses fall into the wrong hands, people can use it for financial gain and other interests. But the biggest danger is the risk of miscalculation, because it can happen something unexpected,” said Panetta.
Panetta and other leaders a few years ago warned about “cyber pearl Harbor”, which can be derived from the failure of us electricity grids. But these people even could not imagine that the enemies will use cyber warfare NSA.
The last six years, government officials comfort themselves with the fact that their main opponents, such as North Korea, Iran, extremist groups, no skills, no digital tools to cause serious damage. Larger CyberDengui, such as Russia and China, have shown some restraint, although the Russian interference in the presidential elections of 2016 has created a new, more insidious threat.
But now, having adopted the tools of the NSA, the destructive forces already does not restrain myself.
“We have new actors, such as North Korea and the group “Islamic state”, which gained access to the NSA cyberweapons, but show complete indifference to the economic and other relations between States,” — said the former Chairman of the Federal energy regulatory Commission John Wellinghoff (Jon Wellinghoff).
As say experts on cyber security, while there are flaws in computer code that creates loopholes for the use of digital weapons and spy tools of the NSA are unlikely to stop collecting data about software vulnerabilities.