Who Was the NSA Contractor Arrested for Leaking the ‘Shadow Brokers’ Hacking Tools?

This is a fantastic read for anyone who has followed the saga of the NSA and The Shadow Brokers.  Mr. Krebs is doing a tremendous job running these leads to ground.

https://krebsonsecurity.com/2017/11/who-was-the-nsa-contractor-arrested-for-leaking-the-shadow-brokers-hacking-tools/

Advertisements

Shadow Brokers cause ongoing headache for NSA

This is a nice recap of where the NSA vs. ShadowBrokers stands at the moment.  I do find it mildly intriguing how damaged the NSA finds itself amidst this constant trickle feed of compromised data and formerly secret exploits.  One telling line in the article references the NSA (and I am paraphrasing) as one of the premier world wide agencies for breaking into computer systems and yet they could not protect their own house.

I do have to agree with Bruce Schneier and others who point to a whistleblower or other insider theory on the breach.  ShadowBrokers wants the NSA to suffer, both functionally and in terms of reputation.

https://nakedsecurity.sophos.com/2017/11/15/shadow-brokers-cause-ongoing-headache-for-nsa/

NSA contractor nabbed for pilfering agency codes

There have been several posts about this discovery and arrest at the NSA.  Another insider has stolen classified information.  Many people continue to ask the question – How can this happen at the NSA?  What about all of their security?  What about all of the efforts required to obtain and maintain a security clearance?  The answer to these questions is simple and found in the article.  A motivated insider with proper access is extremely difficult to defend against.

The questions I would ask everyone within earshot – Is your security and background checking process as strong or stronger than the NSA?  If not, then why are you not incredibly concerned about insider threats?

http://www.scmagazine.com/nsa-contractor-nabbed-for-pilfering-agency-codes/article/527208/

Industry pros react to Cisco, Fortinet advisories after possible Snowden NSA leak

Is anyone honestly surprised by this revelation?  Let us not forget the photographs provided back during the Prism discussions of NSA employees opening Cisco hardware boxes, altering firmware and repackaging devices.  Regardless one which side of the Snowden debate you find yourself, I think we can all agree that vulnerabilities and backdoors create weaknesses in products and services, despite the best or worst intentions of the people who placed them there.

http://www.scmagazine.com/industry-pros-react-to-cisco-fortinet-advisories-after-possible-snowden-nsa-leak/article/517385/