CybersecurityAfter the NSA hack: Cybersecurity in an even more vulnerable world
It is looking increasingly likely that computer hackers have in fact successfully attacked what had been the pinnacle of cybersecurity – the U.S. National Security Agency (NSA). Cyberweapons and their capabilities are becoming an increasing part of international relations, forming part of foreign policy decisions and even sparking what has been called a “cyber arms race.” The cyberattack on the NSA’s – specifically, the attack on the Equation Group, the NSA’s spying element – may be part of this global interplay. The attack is also further proof of the cybersecurity industry’s axiom about the highly asymmetric probabilities of successful attack and successful defense: Attackers need to succeed only once; defenders have to be perfect every time. As sophisticated as NSA’s highly secure network is, the agency cannot ever fully protect itself from cyberattackers.
Nir Kshetri, Professor of Management, University of North Carolina - Greensboro // Source: uncg.edu
It is looking increasingly likely that computer hackers have in fact successfully attacked what had been the pinnacle of cybersecurity – the U.S. National Security Agency (NSA). A few days ago, reports began emerging of claims by a hacking group called the Shadow Brokers that it had breached the network of, and accessed critical digital content from, computers used by the Equation Group. This attracted more than the usual amount of attention because the Equation Group is widely believed to be a spying element of the NSA.
It is possible – perhaps even likely – that Shadow Brokers is a group of hackers linked to the Russian government.
Shadow Brokers posted online some examples of the data it said it had stolen, including scripts and instructions for breaking through firewall protection. Cybersecurity analysts poring over that information are confident that the material is in fact from Equation Group. This news raises a bigger question: What are the consequences if the Equation Group – and by extension the NSA – were actually hacked?
What has been breached?
The NSA holds a massive amount of data, including information on U.S. citizens’ and foreign nationals’ phone calls, social connections, emails, web-browsing sessions, online searches and other communications. How much data? NSA’s Utah data center alone is reported to have a storage capacity of 5 zetabytes – 1 trillion gigabytes. However, judging from what has been made public of what has been stolen by Shadow Brokers, this massive data trove has not been breached.
But the NSA’s other key digital asset is a collection of very sophisticated, often custom-designed, hacking, analysis and surveillance software. The agency uses these tools to break into computer networks at home and abroad to spy on specific targets and the public at large.
The Shadow Brokers have claimed to have copies of this software and information on security vulnerabilities the NSA uses in its attacks, including instructions for breaking into computer networks. If true, these would be of very high strategic value to someone seeking to defend against cyberattacks, or wanting to conduct their own.
