Slashdot Mirror

← Back to Stories (view on slashdot.org)

How The US Will Likely Respond To Shadow Brokers Leak (dailydot.com)

Posted by BeauHD on from the decisions-decisions dept.

blottsie writes: The NSA and FBI are both expected to investigate the leak of NSA-linked cyberweapons this week by an entity calling itself the Shadow Brokers, experts with knowledge of the process tell the Daily Dot. However, multiple experts say any retaliation by the U.S. will likely remain secret to keep the tactical advantage. Meanwhile, Motherboard reports that some former NSA staffers believe the leak is the work of a "rogue NSA insider." "First, the incident will be investigated by the National Security Agency as it tracks down exactly what went so wrong that top-secret offensive code and exploits ended up stolen and published for the world to see," reports Daily Dot. "An FBI counterintelligence investigation will likely follow, according to experts with knowledge of the process. [...] Following the investigation, the NSA and other entities within the United States government will have to decide on a response." The response will depend on a lot of things, such as whether or not an insider at the NSA is responsible for the breach -- a theory that is backed by a former NSA staffer and other experts. "The process is called an IGL: Intelligence Gain/Loss," reports Daily Dot. "Authorities suss out a pro and con list for various reactions, including directly and publicly blaming another country. [Chris Finan, a former director of cybersecurity legislation in the Obama administration and now CEO of the security firm Manifold Technology, said:] 'Some people think about responding in kind: A U.S. cyberattack. Doing that gives up the asymmetric response advantage you have in cyberspace.' Finan urged authorities to look at all tools, including economic sanctions against individuals, companies, groups, governments, or diplomatic constraints, to send a message through money rather than possibly burning a cyberwar advantage. Exactly if and how the U.S. responds to the Shadow Brokers incident will depend on the source of the attack. Attribution in cyberwar is tricky or even impossible much of the time. It quickly becomes a highly politicized process ripe with anonymous sources and little solid fact."

6 of 110 comments (clear)

  1. Easy. by wierd_w · · Score: 5, Insightful

    1) there will be a witch hunt.
    The nsa will investigate its own employees against its already existing psych profile sheets to see who is the most likely to have been motivated to steal the data. Then they will set up an internal emtrapment scenario to catch the leaker red handed. They will then be charged with federal espionage, and put into prison.

    2) the same investigation will sift out accomplices and contacts. The trap will not be sprung until positive id has been made on all members of the cell.

    3) the nsa will not directly move against the other members of the cell. Instead it will monitor, and selectively leak false intel to this cell, making it ineffectual, or worse, countereffectual to the foriegn government operating it.

    4) if deemed useful to do so, the cell will be infiltrated with a new "insider", who will actually be collecting and analyzing the cells instructions to better predict and respond to the foriegn power's activities.

    Really, this is not hard.

    1. Re:Easy. by Anonymous Coward · · Score: 5, Insightful

      Sorry for my sloth but....am I correct in understanding that the NSA knew about security holes in important aspects of our cyber infrastructure, and rather than report them so they could be fixed, they sat on them so they could use them "to protect us"?

      They knowing left these holes open, with no idea (nor any way of knowing) whether or not any criminals were exploiting these holes already, to our detriment?

      I'd say they aren't just failing to do their job, they are knowingly doing the opposite of their job. Their conscious inaction put at-risk those they are supposed to protect, is therefore unethical, and constitutes an enormous breach of trust given their position of authority.

      They should all burn. I don't give a shit who spilled the beans, I want the decision-makers at the top to be thrown in jail for this.

      Of course...I am not super-rich, so I won't get my way.

  2. Unsurprising by z0idberg · · Score: 5, Insightful

    Not one of the steps involves questioning whether the NSA should be sitting on these 0-day exploits for their own use for years and leaving their own citizens and companies vulnerable to attack, rather than notifying the owners of the code and getting them patched.

    First order of business is finding out who let the cat out of the bag and getting retribution.

  3. If only they could actually learn... by Anonymous Coward · · Score: 2, Insightful

    If the NSA, CIA and FBI would actually use their powers for good and share the information they find to make our systems more fortified we'd be much better off than letting these exploits continue. They sure as fuck are not plugging the holes in their systems or other government systems, they just exploit them. They let our financial industry run around with the same exploits they know about and they are dumb as fuck to think that someone else China, Russia, you name it, are not also discovering these exploits. As we can see they were used on the NSA. What a bunch of retarded idiots.

    It's much easier and cheaper to defend and create strong defenses than it is to attack and exploit weakness. Why don't they work with everyone and plug the holes, create truly unbreakable encryption and let's move forward. You do not need weak encryption to catch the bad guys. The bad guys ALWAYS ultimately will have a weak link who will bring down an organization. If you're always working on a strong defense nobody is going to penetrate, but if you're always trying to attack, someone will penetrate your weak defenses because you're focusing on attacking.

    To bad power hungry assholes can't see that working together benefits all everyone, where as the constant fighting ultimately doesn't benefit anyone except for a very tiny few.

  4. The "rogue NSA agent" by zedaroca · · Score: 4, Insightful

    Just gave security to a lot of previously unprotected American citizens and foreigners.
    It seems like the only agents worth their food are the rogue ones.

  5. Re:Yea by saloomy · · Score: 4, Insightful

    They will conduct a witch hunt in public, of course. Their response will be in public, of course. The blame will be covered well by the media, the retaliation made public. Not to set an example. No. The real reason all of this will be done in public is because it keeps the media (and everyone the media then manipulate into accepting that the important things are whatever the media spins in our "culture of outrage") focused on the wrong thing.

    Keeping the conversation on the leaker, and not what is being leaked, is the only way for them to perpetuate their continued violation of law, their intelligence systems functional, funded, and their ability to persecute whomever they want, for whatever they want, liberty be damned.

    What we should be talking about is: How can they sit by in good conscience, and exploit the mistakes of the very industry that boosts the economy of the 21st century? How can they leave us exposed? How do they expect other governments (of countries more populated than we are) to not have the same skill set to discover these flaws? Where is our protection?

    The intelligence community has clearly lost track of its real mandate. It needs to be disassembled and rebuilt from the ground up. J Edgar's legacy is alive and well, and it is a pox on our house. Focus on that, and thank the leakers, whomever they are for pressing this issue with the American people.