NSA Hackers The Shadow Brokers Dump More Files

The hacker (or a group of hackers) who call themselves The Shadow Brokers today published more files. From an article on Motherboard: This latest release comes while Hal Martin, an NSA contractor and, according to The Washington Post , the prime suspect in The Shadow Brokers case sits in detention after being arrested for allegedly stealing swaths of classified material. "TheShadowBrokers is having special trick or treat for Amerikanskis tonight," a message from the hackers posted to Medium reads. The message is signed with the same PGP key used to sign several previous posts, including the group's original announcement that came with links to a slew of NSA exploits. As for the files, The Shadow Brokers claim they reveal IP addresses linked to the Equation Group, a hacking unit widely believed to be tied to the NSA. "This is being equation group pitchimpair (redirector) keys, many missions into your network is/was coming from these ip addresses," The Shadow Brokers' post continues.The report adds that the dump contains 300 folders of files -- all corresponding to different domains and IP addresses. Security researcher who goes by the alias Hacker Fantastic the dump contains 306 domains and 352 IP addresses relating to 49 countries in total. "If accurate, victims of the Equation Group may be able to use these files to determine if they were potentially targeted by the NSA-linked unit."

Typing with a Russian accent

[penguinoid]

It's rather meaningless that someone accused of stealing information is in prison when some of the information was released. It does bring a smile to my face that their announcement is written in "Russian accent" English, especially with all the blaming Russia because we don't like the leaked info going around.

Re:Typing with a Russian accent

[butzwonker]

I feel sorry for Harold T. Martin. He seems to be a hard working guy with a lax sense of operational security, not a criminal. Hard to see any connection to the Shadow Broker.

Re:Typing with a Russian accent

[XXongo]

"Lax sense of operational security" you say? That seems to mean, here, that he took home a metric ton of hard drives with classified stuff on them. - if you want to be sympathetic to him, maybe he was just an obsessive compulsive hoarder, but it seems to go a bit beyond merely a "lax sense of security"-

Re:Typing with a Russian accent

[FatdogHaiku]

...It does bring a smile to my face that their announcement is written in "Russian accent" English...

Am not seeing what is to be smiling about!
You perhaps are working with Moose and Squirrel?

Re:Typing with a Russian accent

Maybe he didn't 'intend' to do that?
Maybe he thought it was 'mistake' and 'won't do it again'
or maybe 'he wouldn't do it again'
Maybe he 'didn't understand the markings'
Maybe he thought keeping the stuff 'at home' in his 'personal storage' was okay?
Maybe his security training was provided by the Secretary of State?

Re:Typing with a Russian accent

[TFlan91]

My wife is eastern european, she constructs her english sentences (sometimes) in the way her native language structures their sentences.

Typing with an accent is a real thing.

Re:Typing with a Russian accent

[another_twilight]

I see the '50TB' number thrown about a lot, but the original FBI 'Criminal Complaint' says;

7. Among the classified documents located thus far, six of them appear to have been obtained from sensitive intelligence

and goes on to talk about the markings on the documents that identify them as belonging to the government. The next part that seems interesting

10. During execution of the warrants, investigators located property of the United States with an aggregate value in well excess of $1000, which MARTIN had stolen.

And then talks a bit about the $1000+ worth of stolen goods.

I'm genuinely curious. Is $1000 a magic number that makes this a certain class of crime? I've seen it suggested that the 50TB represents the total capacity of the storage he had taken, not the volume of the data. Are you aware of any further information about what has actually been taken?

Just from the Complaint, it could just as well be someone who has been in the job long enough that they have been careless about what work they take home, and who has been 'salvaging' old kit from work. Or he really could have 50TB of classified data and just been profoundly arrogant about being caught - but I'd like some more evidence of it before I make up my mind.

(quotes from http://www.documentcloud.org/d...; linked from the wikipedia entry. Caveat, I haven't spent much time digging)

Networks aren't secure

[110010001000]

No network is secure. The very concept of security is antithetical to what networks are about: sharing information. Any attempts to add security to networks is ultimately useless. Of course people will get mad to me for saying this, but this is proven over and over again: once information is on a network - it is shared. Due to the way networks are constructed there is no way to reliably exclude the sharing of the information, because there is no way to reliably validate connected endpoints. An endpoint can be a computer, a router or some guy plugging in a thumbdrive. Intelligence agencies need to stop using computer networks for sensitive information. The bigger the network, the more insecure it is. And the agencies have large networks.

Re:The fake Russian accent is so bad

[Opportunist]

Using that accent is actually pretty smart. Yes, it's fake, but it's supposed to be fake. That's the whole point.

A person's writing gives his origin away. If he is a non-native speaker, the way he words certain phrases and certain mistakes, grammatical or orthographic, he makes give an analyst an idea what his native language would be. Even if he is a native speaker, certain idioms and expressions can lend a hint to his origin, at the very least you'd be able to find out whether he's English, Aussie or American, and it's even likely that you can pinpoint him more exactly.

You pretty much eliminate this threat by putting on a fake accent. Then it becomes a bit like reading old Soviet Pravda for the analyst: Which of the thousands of lies is actually true?

Bunch of clowns

[dcollins117]

This is the National Security Agency we're talking about. The narrative we're supposed to believe is that these are the best and brightest security professionals on the planet. All evidence suggests otherwise, with terabytes of classified information being carted out their own doors.

You'd think they would focus more on their own operational security and less on violating the civil liberties of normal, law-abiding American citizens, and yet they don't. What does that tell you.

Re:Bunch of clowns

[AmiMoJo]

They can't be the best, because the following groups of people won't work for them:

- People with a conscience
- People who care about the Constitution
- People who want to be really well paid
- People who can't get security clearance (previous crimes etc.)
- People who don't want security clearance (due to background checks etc.)

In fact I imagine they have suffering from a bit of a brain-drain since the Snowden revelations. You see a lot of ex-NSA people on LinkedIn, often leaking the codenames of the top secret projects they were working on via the CVs.

Re:The fake Russian accent is so bad

[imatter]

Yep given the accent, they are trying to pin it on FPS Russia.