Russia tied to leak of hacking tools, Democrat data

NSA whistleblower Edward Snowden and security expert Dave Aitel both say that a leak of advanced hacking tools, most likely belonging to the American government, is connected to the hacking and leaks of material from the US Democratic party.

And both security experts also say that the nature of the leak and the type of material leaked indicate that a state player is behind it: almost certainly Russia, they conclude.

Snowden made his claim in a series of tweets, while Aitel, who worked for the NSA for six years before he set up his own security company, Immunity, made his case in a blog post.

The leak of material dating back to 2013 was done by a group calling itself Shadow Brokers that claimed it had hacked Equation Group, a highly sophisticated outfit that has been strongly suspected of being an offshoot of the NSA.

Written in poor English, the original post by Shadow Brokers has been deleted but the technology website Ars Technica linked to an archived version in Google's cache. Ars has several detailed reports on the development, all of which are worth a read.

The post also had links to what were claimed to be advanced hacking tools.

The security firm Kaspersky, which last year provided a detailed analysis of the Equation Group, confirmed that the tools belonged to this group.

"While we cannot surmise the attacker's identity or motivation nor where or how this pilfered trove came to be, we can state that several hundred tools from the leak share a strong connection with our previous findings from the Equation group," the company said.

Snowden said the leak was most likely "a warning that someone can prove US responsibility for any attacks that originated from this malware server".

He added that it looked like somebody was "sending a message that an escalation in the attribution game could get messy fast".

"NSA malware staging servers getting hacked by a rival is not new. A rival publicly demonstrating they have done so is," Snowden said.

The hacks of emails from the Democratic National Committee led to the resignation of its chairperson Debbie Wasserman Schultz and a few other officials. A separate break-in resulted in a dump of personal information of serving Democrats, all of it from material that had been exfiltrated from the Democratic Congressional Campaign Committee.

Aitel said the timing of the leak, the mention of corruption and elections in the release, the fact that it had been kept quiet for three years, and the risk of annoying the Equation Group this much all pointed to a big player: "Level of difficulty: Very Experienced Nation State."

WikiLeaks has claimed it has the same material as that stolen by Shadow Brokers and has said it will post it after it is suitably sanitised. The group was criticised recently by Snowden for releasing material from the DNC that included personal details.



Sam Varghese

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

