Security experts including National Security Agency whistleblower Edward Snowden have blamed the intelligence agency for failing to inform potential targets about their vulnerability to cyber-attack.
Edward Snowden, the whistleblower who first revealed the existence of the NSA’s global espionage program in 2013, also commented on the hack.
— Edward Snowden (@Snowden) May 12, 2017
Last month, the Shadow Brokers hacking group released documents containing vulnerabilities identified by the NSA and hacking tools developed by the intelligence agency to break into Windows computers.
Shadow Brokers made the exploits public after the NSA left their arsenal of hacking tools on a server ‘in the wild,’ allowing them to be picked up by any hacker who stumbled upon them.
Then, Snowden raised the issue of whether the NSA would be liable for any consequent hack using the tools.
#NSA knew their hacking methods were stolen last year, but refused to tell software makers how to lock the thieves out. Are they liable?
— Edward Snowden (@Snowden) April 14, 2017
The Shadow Brokers‘ file dump included 23 new hacking tools named OddJob, EasyBee, EternalRomance, FuzzBunch, EducatedScholar, and others. The tools are capable of breaking into computers running versions of the Windows operating system which are earlier than the most recent Windows 10.
Shortly after the hack, IT security expert Tiago Henriques of Binary Edge commented that an NSA hacking tool called DoublePulsar had already infected millions of machines worldwide and was using them as botnets to attack others.
Henriques said that larger organizations are particularly at risk from the NSA hacking tools, because they take longer to update their systems with the latest Microsoft security patch.
“Unfortunately for some companies, (for example) banks that transfer entire GDP’s of countries across their networks in a day, it’s very hard to just update because these are very critical systems and if they go down or something goes wrong with the update, it causes a huge business impact,” Henriques explained.
Henriques said the most important thing users can do to prevent such an attack is to update their system with the latest version of their software.
“If you are a home user, upgrade to the latest software and of course properly configure your firewalls. If you are exposing a service to the internet, allow only specific addresses to connect to that service, instead of the entire internet,” Henriques advised.