Category Archives: NSA

The U.S. Capitol is seen in Washington, DC, April 28, 2017. Saul LoebAFP/Getty Images

A bill proposed in Congress on Wednesday would require the U.S. National Security Agency to inform representatives of other government agencies about security holes it finds in software like the one that allowed last week's "ransomware" attacks.

Under former President Barack Obama, the government created a similar inter-agency review, but it was not required by law and was administered by the NSA itself.

The new bill would mandate a review when a government agency discovers a security hole in a computer product and does not want to alert the manufacturer because it hopes to use the flaw to spy on rivals. It also calls for the review process to be chaired by the defense-oriented Department of Homeland Security rather than the NSA, which spends 90% of its budget on offensive capabilities and spying.

Republican Senator Ron Johnson of Wisconsin and Democratic Senator Brian Schatz of Hawaii introduced the legislation in the U.S. Senate Homeland Security and Governmental Affairs Committee.

et Data Sheet , Fortune's technology newsletter.

Striking the balance between U.S. national security and general cyber security is critical, but its not easy, said Senator Schatz in a statement. This bill strikes that balance.

Tech companies have long criticized the practice of withholding information about software flaws so they can be used by government intelligence agencies for attacks.

Hackers attacked 200,000 in more than 150 countries last week using a Microsoft Windows software vulnerability that had been developed by the NSA and later leaked online.

Microsoft president Brad Smith harshly criticized government practices on security flaws in the wake of the ransomware attacks. "Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage," Smith wrote in a blog post.

Agencies like the NSA often have greater incentives to exploit any security holes they find for spying, instead of helping companies protect customers, cyber security experts say.

"Do you get to listen to the Chinese politburo chatting and get credit from the president?" said Richard Clayton a cyber-security researcher at the University of Cambridge. "Or do you notify the public to help defend everyone else and get less kudos?"

Susan Landau, a cyber security policy expert at Worcester Polytechnic Institute, said that in putting DHS in charge of the process, the new bill was an effort to put the process "into civilian control."

The new committee's meetings would still be secret. But once a year it would issue a public version of a secret annual report.

The NSA did not immediately respond to a request for comment.

Go here to see the original:
US Cyber Bill Would Shift Power From Spy Agency - Fortune

Sign Up for

Our free email newsletters

The National Security Agency (NSA) is supposed to protect American citizens from high-tech threats. But who will protect Americans from their screw-ups?

Last week, countries around the world reeled as a virulent piece of ransomware (which forcibly encrypted local data, then demanded payment in bitcoins to release the files) spread through tens of thousands of computer systems, including in banks and hospitals. Russia was worst hit, but the U.K. suffered serious damage as well, with its National Health Service suffering serious disruptions to medical services.

The story got much more infuriating when experts figured out that the computer worm was a slightly modified version of an exploit built by the NSA one stolen by the "Shadow Brokers" and leaked over the internet. Luckily, a 22-year-old British researcher accidentally tripped the worm's off switch, containing the damage at least for now. Different versions have already cropped up without that off-switch, though none as yet has spread to the same degree.

It's time for American security agencies to actually start securing the safety of American computer networks and the first step is to stop building and stockpiling computer security exploits.

As Charles Stross explains, neither the worm nor the ransomware adaptation of it were exactly masterpieces of cyber crime. The worm only worked on older Windows computers which hadn't disabled legacy file-sharing. What's more, when the Shadow Brokers leaked all the NSA tools, Microsoft had actually already released updates to patch most of its vulnerabilities (suggesting someone had tipped them off about what had been hacked).

Additionally, the ransomware's off-switch was simply a long gobbledygook domain name that was hard-coded into the program. It turned out the worm checked to see if the domain was active before it delivered its payload, so when the security researcher stumbled across it and registered it out of curiosity, he accidentally stopped the spread of the worm.

However, it turns out there are tons and tons of computers still running outdated version of Windows, and tons and tons of people who procrastinate about annoying software updates or don't even know how to do them. Even a poorly designed, weak piece of malware can do terrible damage when directed at the most outdated computer networks.

This brings me back to the NSA. If you ask why they are building and stockpiling security exploits for the most common operating systems, they will say it's for espionage operations against foreign enemies.

But the actual benefits of such things are highly questionable. Probably the most successful one ever was the fearsome Stuxnet worm, which did moderate damage to Iranian uranium enrichment facilities back in 2009. But the damage was quickly repaired, and did not do nearly as much to control the Iranian nuclear program as the diplomatic agreement signed under President Obama.

Conversely, as we are seeing today, the damage from building and piling up malware is potentially catastrophic. The NSA obviously cannot secure its own networks, and so any such weapon is one misstep away from falling into the hands of foreign governments, gangsters, or terrorists. And again, this worm was rather amateurish, and built from known materials thus giving Microsoft a bit of a head start for patches. But suppose some real professionals secretly hacked unknown NSA zero-day exploits, and built a worm designed to attack American financial systems or critical infrastructure?

If we had any sense, we would be dedicating at least the majority of our computer security spending to, you know, security: investigating, upgrading, and maintaining American computer systems to defend them against attack. (In reality, it's roughly 90 percent offense, 10 percent defense.) The NSA could probe commercial software for vulnerabilities, and then quietly inform the developer so they could be patched, as Microsoft President Brad Smith argues. Second, instead of trying to coerce tech companies to build back doors into their devices and software, the government could help them with security, particularly user-friendly end-to-end encryption. They could help support open-source software ecosystems, which are part of many pieces of critical internet infrastructure.

Perhaps most importantly, the government could help keep older operating systems secure (like Windows XP, which Microsoft was forced to update this week after abandoning it three years ago), and help people upgrade their equipment and software.

Of course, the NSA will do nothing of the sort. They helplessly define "national security" in a way that excludes their own failures enabling crime and terrorism. But if we had a lick of sense, we'd just abolish the NSA and start a new agency with a more sensible definition.

Read the original here:
The NSA is running amok - The Week Magazine

Last week a malicious computer worm dubbed WannaCry 2.0 began attacking older, unpatched versions of Microsoft operating systems, infecting hundreds of thousands of systems with ransomware that held user data hostage in exchange forBitcoin payments.

The cyberattack used code from a powerful National Security Agencytool called EternalBlue, which a mysterious group of hackers known as The Shadow Brokers leaked earlier this year. Tech companies have been quick to blame the NSA for finding and exploiting vulnerabilities in commercial products like Windows, to say nothing of losing them.

On Sunday, Brad Smith, Microsofts (MSFT) president and chief legal officer, argued that an equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen.

The next day, Former NSA contractor Edward Snowden, speaking via video chat to the K(NO)W Identity Conference in Washington D.C. from an undisclosed location in Russia, repeated Smiths argument.

An equivalent scenario to what were seeing happening today would be conventional weapons, produced and held by the U.S. military, being stolen, such as Tomahawk missiles, Snowden said while describing Smiths letterto a crowd less than a mile from the White House.

Edward Snowden speaking via video chat from Russia at the K(NO)W Identity Conference in Washington, D.C. on May 15. (image: One World Identity)

U.S. officials acknowledge that the NSA deserves scrutiny about protecting tools it develops to collect foreign intelligence. Theyve absolutely got to do a better job protecting [the hacking tools], General Keith Alexander, head of the NSA from 2005 to 2014, told The Washington Post. You cant argue against that.

However, the Tomahawk analogy may be a stretch. Dave Aitel, a former NSA research scientist and CEO of the cybersecurity company Immunity, explained why hacking tools are not like bombs.

The very first thing is you can steal a Tomahawk missile from me, but you cannot steal it from me without me knowing youve stolen it, Aitel said. And of course, you can steal an exploit or other intellectual property from me and I may never find out. Another is that two people can have [the same exploit] at the same time.

Aitel, who specializes in the offensive side of cybersecurity, added that deep down, the biggest difference is that you have to learn a lot about exploits to protect yourself, and I dont really have to learn a lot about Tomahawk missiles to protect myself from Tomahawk missiles.

This is the screen youll see if your computer is infected with the WannaCry 2.0 ransomware.

Nevertheless, the analogy has been relatively well received. Travis Jarae, CEO and Founder of One World Identity, which hosted the conference in Washington, and paid a speakers bureau to digitally host Snowden, saidthat the Tomahawk analogy is not wrong given the contemporary threat environment.

Warfare is digital, explained Jarae, who was previously Global Head of Identity Verification at Google. We spy on people digitally I thought it was a little aggressive to compare it to a missile, but [government hacking] is very damaging.

Aitel noted that it makes sense why Smith and others in the tech business would make that argument.

[Brad Smiths] job is to create favorable economic conditions for Microsoft at a strategic level, and if he pressure governments to stop using exploits, then that helps him from a PR perspective, Aitel said. It doesnt help the users because people are still going to have exploits. Thats always going to be true.

Read More

Microsoft president and chief legal officer Brad Smith speaks at a Microsoft tech gathering in Dublin, Ireland October 3, 2016. REUTERS/Clodagh Kilcoyne

Snowden also echoed Smiths criticisms of the U.S. governments decision to develop secret software exploits, telling the audience at the K(NO)W Identity Conference that secret government exploits are a problem, and the NSA should have voluntarily revealed the EternalBlue exploit long ago.

But other former NSA officialshave pushed back against that idea, telling the Washington Post that EternalBlue netted an unreal foreign intelligence haul that was like fishing with dynamite.

Edward Snowden knows full well the value of the signals intelligence program and that includes the NSAs hacking to our national security, Aitel said. This is not for play. Theyre not building exploits for fun. Its not a hobby. Its for distinct and important national security needs.

So when he says Give up your exploits, he essentially is saying, We dont need signals intelligence, which we do.

Ultimately, according to Aitel, companies like Microsoft placing the blame on the NSA with crude analogies equating NSA hacking tools to U.S. cruise missiles only serves to muddy the larger debate.

The bigger issue is Brad Smith and Microsoft, who continue to insist that everything fall their way in terms of how vulnerabilities are handled, which I dont think helps the conversation around cybersecurity, Aitel said. There are a lot of very interesting things in cybersecurity that dont involveMicrosofts bottom line, and those are worth talking about.

READ MORE:

The simple reason so many companies were hit by the WannaCry 2.0 ransomware

As tensions rise with Russia, U.S. colleges still pay for Snowden speeches

No, your Apple computer isnt immune from ransomware

Risk director discusses the tragedy of Julian Assange and WikiLeaks

The rest is here:
Why leaked NSA hacking tools are not like stolen Tomahawk missiles - Yahoo News

A massive cyberattack hit tens of thousands of computers in dozens of nations. Reports of the attack first surfaced in Britain, where the National Health Service described serious problems. (Sarah Parnass/The Washington Post)

The hacking group that leaked the bugs that enabled last week's global ransomware attack is threatening to make public even more computer vulnerabilities in the coming weeks potentially including compromised network data pertaining to the nuclear or missile programs of China, Iran, North Korea and Russia, as well as vulnerabilities affecting Windows 10, which is run by millions of computers worldwide.

A spokesperson for the group, which calls itself the Shadow Brokers, claimed in a blog postTuesdaythat some of those computer bugs may be released on a monthly basis as part of a new subscription-based business model that attempts to mimic what has proved successful for companies such as Spotify, Netflix, Blue Apron and many more.

[Clues point to possible North Korean involvement in massive cyberattack]

Is being like wine of month club, readthe blog post, which is written in broken English. "Each month peoples can be paying membership fee, then getting members only data dump each month."

The moveshows the growing commercial sophistication of groups such as the Shadow Brokers, which already has demonstrateda fearsome technical ability to compromise the world's top intelligence agencies. And it underscoresthe waymuch of theunderground trade forcomputer bugs resembles a real-world commercial market.

Security experts have been analyzing the blog post for clues aboutthe Shadow Brokers' intentions and capabilities.

[How to protect yourself from the global ransomware attack]

Marcy Wheeler, a longtime independent researcher, said in a blog post Tuesday that the Shadow Brokers' postbrings the hammer down both on Microsoft, whose products could be affected by any further leaks, and the U.S. National Security Agency, whose information the Shadow Brokers leaked in April. That leakled indirectly to the creation of WannaCry and the subsequent crisis,security experts say.

Simply by threatening another leak after leaking two sets of Microsoft exploits, Shadow Brokers will ratchet up the hostility between Microsoft and the government, Wheeler wrote.

Microsoft didn't immediately respond to a request for comment. On Sunday, the company criticized the NSA for stockpiling digital weapons. The tech industry opposes efforts by the government to weaken the security of its products, while national security advocates say it could help combat terrorism.

[Russia warns against intimidating North Korea after its latest missile launch]

Although experts say the Shadow Brokers do not appear to have been directly involved in the WannaCry attack, leaking the exploitin the first place was a major step toward facilitating the cyberattack.

The group's new claim that it possesses information on the nuclear programs of state governments is extremely worrisome, said Joseph Lorenzo Hall, chief technologist for the Center for Democracy and Technology, a Washington think tank."While they don't seem to have the most amazing PR department," he said, "they've already proved that they had some pretty serious access. The nuke facility stuff is particularly concerning, [speaking] as a former physicist.

Previously, the group had sought to sell its hacking tools to the highest bidder. Few buyers came forward, the group said in its blog post. But now, the monthly subscription model might mean the bugs will find their way into the hands of more people, spreading far and wide, Hall said.

Originally posted here:
The hacking group that leaked NSA secrets claims it has data on foreign nuclear programs - Washington Post

How the hacking tools escaped the National Security Agency is unknown. | AP Photo

This week's worldwide cybersecurity crisis is just the latest black eye for the National Security Agency and its practice of stockpiling secret means of snooping into computer systems.

Thats because whoever launched the global series of ransomware assaults is using a flaw in Microsoft Windows that the U.S. spy agency had apparently exploited for years until someone leaked the NSAs hacking tools online and allowed cyber criminals to copy them.

Story Continued Below

Now, critics ranging from Microsoft to Vladimir Putin to fugitive NSA leaker Edward Snowden are denouncing the agencys practice of stockpiling computer vulnerabilities for its own use instead of informing the developers or manufacturers so they can plug the holes. And some privacy advocates and technology experts want Congress to make the agency rein in the practice.

Heres POLITICOs summary of where that debate stands:

How did hackers get ahold of the NSAs tools?

Thats a good question. But the ransomware racing around the globe is based on a cache of apparent NSA hacking software and documents that a group calling itself the Shadow Brokers posted online on April 14. (Shadow Brokers first began making these kinds of dumps last year.) The Trump and former Obama administrations have refused to confirm that the NSA had lost control of its tools, but former intelligence officials say the leaked material is genuine.

How the hacking tools escaped the NSA is unknown. But there are three main possibilities: An NSA employee or contractor went rogue and stole the files; a sophisticated adversary such as the Russian government hacked into the spy agency and took them; or an NSA hacker accidentally left the files exposed on a server being used to stage a U.S. intelligence operation, and someone found them.

Contractors, who can lack the institutional loyalty of regular employees, have long been a source of heartache to the intelligence community, from the 2013 Snowden leaks to the arrest last year of Harold Martin, a Maryland man charged with stealing reams of classified files and hoarding them in his home.

Which NSA tool are the hackers using?

It appears to be a modified version of an NSA hacking tool, a software package dubbed ETERNALBLUE, that was buried in the Shadow Brokers leak.

The tool took advantage of a flaw in a part of Windows called the Server Message Block, or SMB, protocol, which connects computers on a shared network. In essence, the flaw allows malware to spread across networks of unpatched Windows computers, a dangerous prospect in the increasingly connected world.

After the cache leaked, cybersecurity researchers, realizing that the SMB vulnerability could expose organizations to massive hacks, reverse engineered the tool, checking how it worked and evaluating how to defeat it. These researchers posted their work online to crowdsource and accelerate the process.

But their work also helped digital thieves. At some point, the criminals behind the ransomware attack grabbed the reverse-engineered exploit and incorporated it into their malware.

This separated their attack tool from previous popular iterations of ransomware. Whereas normal ransomware locks down an infected computers files and stops there, this variant can jump from machine to machine, infecting entire businesses like the internets earliest computer worms.

What did the NSA do after learning of the theft?

The spy agency probably warned Microsoft about the vulnerability soon afterward. Microsoft released a patch for computer users to repair the flaw in March, a month before the Shadow Brokers leak.

But thats not good enough for civil liberties advocates, who want stricter limits on how long the government can hold onto vulnerabilities it discovers.

These attacks underscore the fact that vulnerabilities will be exploited not just by our security agencies, but by hackers and criminals around the world, said Patrick Toomey, a national security attorney at the American Civil Liberties Union, in a statement. Patching security holes immediately, not stockpiling them, is the best way to make everyones digital life safer.

The agencys defenders disagree. That nobody else discovered these vulnerabilities as far as we know suggests that it is right for the NSA to hold onto them if they have confidence that nobody else has a copy of their tools, Nicholas Weaver, a researcher at the University of California in Berkeley, told POLITICO. It actually is a problem that the NSA cant or wont claim credit for properly notifying Microsoft. The NSA did the right thing, and they arent getting the credit for it they deserve.

Is this a new controversy for the NSA?

No. But the crisis that began on Friday is giving it prominence like never before.

Privacy advocates and tech companies have long criticized the U.S. spy agencies for keeping knowledge of security flaws a secret and building hacking tools to exploit them. And they say its especially bad when the government cant keep its secret exploits out of the hands of cyber criminals.

When [a] U.S. nuclear weapon is stolen, its called an empty quiver, tweeted Snowden, whose 2013 leaks exposed the vast underbelly of the government's spying capacity. This weekend, [the NSAs] tools attacked hospitals.

Microsoft President Brad Smith also denounced the NSAs inability to secure its tools. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen, he wrote in a weekend blog post.

Putin later picked up that theme, telling reporters in Beijing that U.S. intelligence agencies were clearly the initial source of the virus.

Once they're let out of the lamp, genies of this kind, especially those created by intelligence services, can later do damage to their authors and creators," the Russian leader said.

But former national security officials say the government needs to build hacking tools to keep the U.S. safe. And White House homeland security adviser Tom Bossert downplayed the possible origin of the code Monday.

Regardless of the provenance of the exploit here used, he told ABC, who is culpable are the criminals that distributed it and the criminals that weaponized it, added additional details to it, and turned this into something that is holding ransom data but also putting at risk lives and hospitals.

A daily briefing on politics and cybersecurity weekday mornings, in your inbox.

By signing up you agree to receive email newsletters or alerts from POLITICO. You can unsubscribe at any time.

Whats Congress doing?

The government uses a system called the Vulnerability Equities Process to determine whether and when agencies must tell companies about code flaws they discover. Following recent spy agency leaks, former government officials, cyber experts and tech companies have proposed changes to the VEP that would limit the intelligence communitys ability to hoard vulnerabilities.

Some are calling for Congress to act.

Those include Rep. Ted Lieu, a California Democrat with a computer science degree, who has led the charge to reform the VEP.

Lieu, a leading congressional voice on cybersecurity, called the process not transparent in a statement Friday, saying few people understand how the government makes these critical decisions. The ransomware campaign, he added, shows what can happen when the NSA or CIA write malware instead of disclosing the vulnerability to the software manufacturer.

But Lieus bill is unlikely to become law. Not only does the intelligence community have numerous defenders in Congress, but politicians simply arent paying much attention to the issue. Lawmakers haven't rushed to join Lieu in calling for VEP changes. There have only been a few hearings on ransomware in recent years, and no pending legislation mentions either ransomware or the VEP.

Martin Matishak contributed to this report.

Missing out on the latest scoops? Sign up for POLITICO Playbook and get the latest news, every morning in your inbox.

See original here:
Why people are blaming the global cyberattack on the NSA - Politico

New York Times

Malware Case Is Major Blow for the NSA New York Times In 2013, Edward J. Snowden gave journalists hundreds of thousands of N.S.A. documents he had taken as a contractor, igniting a global debate over the agency's targeting of allies as well as foes. Last August, shortly after the Shadow Brokers' debut, ... NSA officials worried about the day its potent hacking tool would get loose. Then it did.Washington Post After WannaCry, ex-NSA director defends agencies holding exploitsTechCrunch Hacker group that leaked NSA spy tools likely includes a US insider, experts sayMiami Herald Reuters -CNET -FCW.com all 42 news articles »

See the article here:
Malware Case Is Major Blow for the NSA - New York Times

20

Let friends in your social network know what you are reading about

The National Security Agency has an answer to Microsoft blaming it for the attack that hit 150 countries.

Try Another

Audio CAPTCHA

Image CAPTCHA

Help

CancelSend

A link has been sent to your friend's email address.

A link has been posted to your Facebook feed.

These simple steps will help keep your computer from becoming the next ransomware target. USA TODAY

A screen shot of the page computers infected with the WannaCry ransomware variant display.(Photo: Proofpoint)

SAN FRANCISCO The National Security Agency has an answer to Microsoft blaming it for a global ransomware attack.

In a White House press briefing onMonday,U.S. homeland security adviser Tom Bossert said the code "was not a tool developed by the NSA to hold ransom data. This was a tool developed by culpable parties, potentially criminals or foreign nation-states."

He did not address the issue of whether the original exploitable flaw the ransomware was based on came from NSA cyber tools.

How U.S. dodged a bullet in Friday's massive global ransomware attack

Microsoft on massive ransomware attack: nations must not hoard cyberweapons

Symantec later said there were indications the ransomware-inspired attack was associated with the Lazarus group, which is tied to North Korea.

On Sunday, the software giant said the WannaCry malware program that spread to more than 200,000 machines in 150 countries last weekendwas the latest example of what happens whenvulnerabilities stockpiled by organizations such as NSA escape into the virtual wild.The malware behind WannaCry was reported to have been stolen from the NSA in April.

"We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world," Brad Smith, Microsoft's chief legal counsel, said in a blog post. "Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage."

The ransomware relies on a flawin the Windows 10 code for whichMicrosoft issued apatchon March 14.

Read or Share this story: https://usat.ly/2qlKHqp

Read this article:
NSA says it was not origin of ransomware that hit Microsoft's Windows - USA TODAY

An international cyberattack that occurred during the weekend is believedto have been perpetrated with tools that were stolen from the National Security Agency.

The so-called ransomware attack impacted more than 200,000 computers in more than 150 countries by freezing hard drives and servers until a ransom was paid, according to a report by The Week. The main victim was theRussian cybersecurity firm Kaspersky Lab, which has caused consternation among many Russian officials.

As Frants Klintsevich, a high-ranking official in the Russian Senates defense committee, told the state-run news agency Tass, Humanity is dealing here with cyberterrorism. Its an alarming signal, and not just a signal but a direct threat to the normal functioning of society, and important life-support systems.

Russian officials are divided as to whether the United States government was responsible for the attack. Some claim that it was retaliation for the alleged Russian meddling in the 2016 presidential election (which the Russian government denies), while others argue that the United States wouldnt engage in actions that would so clearly be considered an act of war.

Either way, the perpetrator of the attacks is believed to have used NSA tools that were stolen from the American agency. Most of the damage inflicted by the cyberattacks occurred in Europe and Asia.

The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits, said Europol in a statement. The Joint Cybercrime Action Taskforce (JCAT), at EC3 is a group of specialist international cyber investigators and is specially designed to assist in such investigations and will play an important role in supporting the investigation.

Read more here:
Stolen NSA tools used in international cyberattack - Salon.com - Salon

The group that released the likely NSA-designed hacking tool used in the international "Wanna Cry" ransomware attack announced a monthly subscription service Tuesday for its remaining cache of stolen documents.

The anonymous ShadowBrokers, who have been periodically releasing source code and documents believed to have been stolen from the National Security Agency since the summer, announced the new monetizationscheme in a post early Tuesday morning. The message was written in broken English typical of the group.

"Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members," the Brokers wrote.

Ransomware is a type of malware that encrypts a target's files, with the attacker providing the decryption key only after a ransom is paid, usually in bitcoins.

ShadowBrokers first leaked files in August it claimed were from a vaunted NSA-affiliated hacking operation known as the Equation Group, advertising an auction for the files. The files contained previously unknown, working techniques to bypass security hardware from major manufacturers. The release lead to a scramble to patch those products.

The Intercept reported that evidence within the leaked source code showed that the Brokers were correct about the files' provenance.

Though the files appeared to be real, ShadowBrokers failed multiple times to sell the tools, in part because of the lopsided terms they required for potential buyers.

In January the group sent a goodbye post, but returned in April to release a package of Windows hacking tools that included the one used in Wanna Cry. The April release was presented as a protest against President Trump for becoming more centrist and turning his back on the hard-right base that got him elected. In it, the Brokers claimed to be Trump voters.

In their Tuesday post, the Brokers say data from that hacking operation and from other high-profile hacking operations might be included in the "wine of the month" club.

Tuesday's post, titled "OH LORDY! Comey Wanna Cry Edition," also takes shots at Windows network administrators that did not update their software in time to stave off Wanna Cry noting that the group announced early on in their campaign what files it had to release, giving people some notice to patch their systems.

"TheShadowBrokers is feeling like being very responsible party about Windows dump. Do thepeoples be preferring theshadowbrokers dump windows in January or August? No warning, no time to patch? this is being theshadowbrokers version of alternative facts," wrote the group.

Read this article:
NSA leakers to offer monthly 'wine' club for stolen hacking tools - The Hill

The U.S. National Security Agency could have headed off the global ransomware attack that has crippled hospitals, train stations and other infrastructure around the world, according to Edward Snowden, the former CIA contractor and whistleblower.

They knew about this flaw in U.S. software, U.S. infrastructure, hospitals around the world, these auto plants and so on and so forth, but they did not report it to Microsoft until after the NSA learned that that flaw had been stolen by some outside group, Snowden said Monday.

Related: What is ransomware? Computers around the world infected by malware demanding money

Subscribe to Newsweek from $1 per week

The fugitive former private security contractor made his remarks during a speech on privacy and security delivered via satellite from Moscow to a Washington, D.C., conference on big data. The conference, organized by a former Google executive, Travis Jarae, founder and CEO of One World Identity, has drawn 800 industry experts from data collection and cybersecurity firms, as well as government lawyers, to discuss questions about online identity, security and privacy.

Snowden in 2013 downloaded and then publicized an estimated 1.7 million documents related to global and domestic U.S. surveillance programs, which the Pentagon has said is the largest trove of American secrets ever purloined. Federal prosecutors subsequently charged him with theft and Espionage Act violations. Since 2013, he has been living in Moscow.

Beamed by satellite onto huge screens in the Ronald Reagan Building and International Trade Center, a federal building a few blocks from the White House, Snowden blamed the NSA for the unprecedented power of the so-called wannacry virus, which is being blamed for the worlds biggest cyberattack, affecting 150 countries so far. Among the affected in the U.S. have been Fedex and Nissan; in China, colleges and gas stations; in India, the state police; in Russia, the Central Bank, Russian railways and the Interior Ministry; and in the U.K., at least 16 National Health System hospitals.

It is still unclear who released the virus or exactly why.

Had the NSA not waited until our enemies already had this exploit to tell Microsoft, [so that] Microsoft could begin the patch cycle, we would have had years to prepare hospital networks for this attack rather than a month or two, which is what we actually ended up with, Snowden said.

Members of the audience submitted questions to the 33-year-old. One asked for his number one piece of advice for balancing privacy and security. Snowden said companies should opt for the bare minimum in determining what information they harvest and save about customer behavior, and urged them provide users with an opt-out from data collection upfront. He accused companies that say they are collecting data to improve products and services of using a legal fiction to collect data in order to monetize it, generating an extra source of revenue.

He compared the psychological effects of unchecked mass data collection to an errant high school kid being threatened that certain behavior would remain on his or her record. In a world of mass tracking and commercial and government data collection, he said, you have a permanent record that can never be erased.

A child thats born in this world wont have the same benefit you had of saying something stupid that they can move on from, he said. When people can be tracked and have no way to live outside this chain of records, what we have become is a quantified spiderweb. Its a very negative thing for a free and open society. Now, everybody in the world will think twice before they even open their mouth. That is a very, very dark future. But its not inevitable. You should reflect: Is that something we can do? Or should do?

See more here:
Edward Snowden Slams NSA Over Ransomware Attack - Newsweek