NSA Hack Update & Attacks on New York Times
This weekâ€™s briefing will be split into two parts.
While it has been more than a week since the entity calling itself â€œThe Shadow Brokersâ€ first leaked tools and exploits allegedly used by the NSAâ€™s TAO unit, no further hard information has emerged.
NSA TAO Hack & Tool Leak Update
Rumors, theories and accusations abound but we can not establish enough evidence for any of them to be considered trustworthy.
We await the conclusion of the Shadow Brokersâ€™ auction, further releases, a governmental response or hard evidence and will update you once such information becomes available.
FBI Investigate attack on New York TimesThe FBI is reportedly investigating several cyber attacks on US news organizations which it believes were carried out by Russian hackers.
So far no successful breaches are reported.
The reason for this investigation appears to be the New York Times reporting a seemingly unsuccessful cyber attack on its Moscow Office. No further information is available at this point.
Cyber attacks against newspapers fit the pattern of actors attacking soft targets to impact hardened ones which we have described in detail during this monthâ€™s briefings. Newspapers impact public opinion and are thus especially valuable targets. If information that has not yet been released or that has been willfully withheld can be found in the newspaperâ€™s archives a release through the attackers can cause significant damage to the newspaperâ€™s image.
Attackers would also search for evidence of disapproved reporting practices or strong connections to government agencies on the PCs of individual reporters to cause further image damage.
Lastly, newspapers often keep their sources anonymous while information that may be used to identify them is still stored on the internal networks. If such information is stolen, sources may be at risk.
Since most newspapers donâ€™t have strong IT security - let alone dedicated IT security staff - the combination of valuable information and relatively weak security makes them very appealing targets for any attacker.
It remains to be seen if the FBI or any of the affected papers themselves will uncover evidence of a successful breach. Even if no evidence is found, a breach may still have occurred.
The only proof positive of a successful hack would be the leaking of sensitive files stolen from a paper. We will continue to monitor the situation for new information.