How "Omnipotent" Hackers Tied To NSA Hid For 14 Years and Were Found At Last

Advocatus Diaboli writes The money and time required to develop the Equation Group malware, the technological breakthroughs the operation accomplished, and the interdictions performed against targets leave little doubt that the operation was sponsored by a nation-state with nearly unlimited resources to dedicate to the project. The countries that were and weren't targeted, the ties to Stuxnet and Flame, and the Grok artifact found inside the Equation Group keylogger strongly support the theory the NSA or a related US agency is the responsible party, but so far Kaspersky has declined to name a culprit. NSA officials didn't respond to an e-mail seeking comment for this story. What is safe to say is that the unearthing of the Equation Group is a seminal finding in the fields of computer and national security, as important, or possibly more so, than the revelations about Stuxnet.

How is this a good thing?

[stevedog]

I'm not sure how I see that this is a good thing. I know it's fun to hate on the intelligence community (I've done it too), especially when we feel like our own rights have been infringed, but are we really saying that we are in favor of anything which hampers the West's ability to take clandestine actions against other states? After all the complaining we do about Congress and all the bureaucracy that comes along with anything usually related to government, we are then saying that absolutely every hostile action should be subject to the same oversight that produces exactly that molasses-like barrier to actual results?

It is without question that, at times, the intelligence community must have overstepped its bounds, as any entity with that much power would on occasion. Maybe in their case that happens far more often than it should. But does that really mean they should have no real power at all?

Re:How is this a good thing?

[Kazoo+the+Clown]

So everyone should just leave their doors wide open so the cops never have to break a door down to nab a crook? Yeah, right. If the NSA can hack into our computers, the bad guys can too. The best way to improve cybersecurity is to fix all the exploitable holes they've been using. But instead of helping us to secure our systems they've left them vulnerable because they're too lazy to pound the pavement, get individual warrants and plant bugs. Having every computer system in the world remain vulnerable made their job easier, so they chose that route, which also made the bad guys efforts easier too. But hey, it's job security, eh?

Re:How is this a good thing?

How do you know they don't have a warrant? It seems like using md5 and sha1 hashes to ensure they are only targeting specific individuals smells like somebody with very specific instructions and stiff repercussions. Otherwise it would be easier to grab a pile of people and sort them out later.

Re:How is this a good thing?

[nbauman]

I think the intelligence community has done more harm than good more often than not.

I think American foreign policy has done more harm than good to America more often than not.

For example, look at the Iraq war. We destabilized that entire region of the middle east, and left it wide open for ISIS and other militant groups.

We supported the other "color" revolutions which also deposed effective dictators who were finally out of power after we supported them for so long. In every case the hippie revolutionaries were quickly brushed aside and replaced by really tough guys.

Same with Assad in Syria. When he loses control of a region, ISIS moves in. You notice that the U.S. has stopped calling for Assad to leave.

Re:Cover locations.

[St.Creed]

It's probably more a service for running associations.

Suppose you're a grocery and you would like to implement a membership card. Now you have to deal with lost cards, signups, people wanting to know how many loyality points they have, decide how many points to give for which purchase, what to give as a reward for points spent, etc. etc.

This type of company takes it all out of your hands, provides a pre-packaged membership club with set rewards, tiers, perks, whatever, and puts your brandname on top of the website, the loyalty card, and the brochures. The grocery probably pays a price per customer that's lower than when they would run it themselves, and the affiliate organisation has scale, so can run things cheaper while providing better service than a single company can do.