New leak suggests NSA penetrated banking networks in Middle …

Posted: April 15, 2017 at 5:17 pm

PARIS -- A new set of documents purportedly lifted from the U.S. National Security Agency suggests that American spies have burrowed deep into the Middle Easts financial network, apparently compromising the Dubai office of the anti-money laundering and financial services firm EastNets. The company said Friday that the documents were dated and denied that any customer data had been affected.

TheShadowBrokers, which startled the security experts last year by releasing some of the NSAs hacking tools, has recently resumed pouring secrets into the public domain. In a first for TheShadowBrokers, the data includes PowerPoint slides and purported target lists, suggesting that the group has access to a broader range of data than previously known.

This is by far the most brutal dump, said Comae Technologies founder Matt Suiche, who has closely followed the groups disclosures and initially helped confirm its connection to the NSA last year. In a blog post, he said it appeared that thousands of employee accounts and machines from EastNets offices had been compromised and that financial institutions in Kuwait, Bahrain and the Palestinian territories had been targeted for espionage.

In a statement, EastNets said there was no credibility to the allegation that its customers details had been stolen.

Play Video

Part One: The NSA allows 60 Minutes cameras inside the agency's secure areas for the first time to explain what it does and what it says it doesn...

The company, which acts as a service bureau connecting customers to the financial worlds electronic backbone, SWIFT, said the ShadowBrokers documents referred to a low-level internal server that had since been retired and that a complete check of its systems had turned up no evidence of any compromise.

The denial drew skepticism from those whod reviewed the files.

Eastnets claim is impossible to believe, said Kevin Beaumont, who was one of several experts who spent Friday combing through the documents and trying out the code. He said hed found password dumps, an Excel spreadsheet outlining the internal architecture of the companys server and one file that was just a massive log of hacking on their organization.

SWIFT, based in Belgium, released a less categorical statement, saying, we understand that communications between these service bureaus and their customers may previously have been accessed by unauthorized third parties. It said there was no evidence its own network had been compromised.

Play Video

The National Security Agency is under new scrutiny after another alleged breach by a contractor. Harold Martin is accused of stealing top secret ...

Repeated messages seeking clarification from EastNets went unreturned.

The leak also included tools designed to target computers and servers running Microsofts Windows operating system, ZDNet reports. Most of the exploits target older Windows versions, dating back as early as Windows XP and Windows Server 2003, but many supported versions are still on the list, including Windows 7 and Windows 8.

Beaumont said the exploits suggest the work of a sophisticated actor and are a potential worry for many of Windows hundreds of millions of users.

The opinion was seconded by Matthew Hickey of Prestbury, England-based cybersecurity company Hacker House.

Its an absolute disaster, Hickey in an email to the Associated Press. I have been able to hack pretty much every Windows version here in my lab using this leak.

Microsoft said in a statement that it is reviewing the leak and will take the necessary actions to protect our customers. It declined to elaborate.

The NSA, which did not respond to emails, has previously shown interest in targeting SWIFT, according to documents leaked by former intelligence contractor Edward Snowden, and Suiche said other documents in the release suggested an effort to monitor the worlds financial transactions that went beyond EastNets.

Ill bet its not the only SWIFT service bureau thats been compromised, he said.

2017 CBS Interactive Inc. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.

Read more:
New leak suggests NSA penetrated banking networks in Middle ...

Related Posts