BrightWire Networks blog
This NSA Employee Made a Mistake. How Hackers Exploited it is Worrisome
One of the biggest hacks of 2016 was the United States National Security Agency, by a hacking group calling themselves the Shadow Brokers. This hack came to light after tools belonging to the NSA were discovered on the black market. How could a data breach of this magnitude happen to one of the most secure IT systems in the world? Newly released evidence may provide the answers.
An investigation performed by the FBI points to the source of the hack coming from an individual associated with the NSA, like an employee or a contractor. However, unlike the infamous NSA-employee-turned-fugitive case of Edward Snowden, it looks like this most recent data breach wasn’t an attempt at whistleblowing. Instead, it’s more likely that the breach resulted from the sloppy handling of sensitive files.
Whether the mishandling of the NSA files was an intentional act or not has yet to be determined. Although, what we do know is how they were mishandled. Apparently, the responsible party left the tools on a remote computer during an operation--three years ago! If the tools were removed from the remote PC like they were supposed to be, this whole crisis could have been avoided. To say that this is unfortunate is an understatement, seeing as the stolen tools allow users to exploit systems from Fortinet Inc. and Cisco Systems.
Since the news of the hack became public knowledge, patches for these systems have been released, thus minimizing the damage that can be enacted by hackers using the stolen tools. Although, as is the nature of security patches, organizations that put off installing them will continue to be at risk until they do so, giving hackers ample motivation to seek out and exploit these negligent companies.
Currently, the FBI is looking into the possibility that the employee intentionally left these tools exposed so the Shadow Brokers could obtain them. However, the information thus far points to the employee making an honest mistake, seeing as the worker reported their mistake shortly after making it. Considering then how these events played out, the NSA actually comes out looking bad since they didn’t report the threat to the affected software manufacturers after learning about it; another misstep that could have resolved the problem much sooner.
The takeaway here for business owners is how easy it is for an innocent mistake by you or one of your employees to put your company’s sensitive information at serious risk. Often times, much attention and resources are given to protecting an organization from external threats, like hackers of the Shadow Broker nature, while too little attention is given to training staff on how to properly handle data. When it comes to having an airtight cybersecurity plan, your company must protect itself from every threat, and from every angle.
To make sure your network is fully protected, reach out to BrightWire Networks at (360) 528-6017.