Cisco confirms Shadow Brokers vulnerabilities are real
Concerns are rising over the security and integrity of NSA data
Cisco has confirmed two exploits in a cache of "cyber weapons" are legitimate, prompting fears over the security of NSA data.
A group calling itself Shadow Brokers claimed it had cracked into an NSA-associated hacking group earlier this week, alleging it was auctioning off a collection of malware files belonging to NSA-linked cyber attack group Equation Group.
The confirmation follows speculation Russia was responsible for the hack, though there is little evidence to prove this is the case.
The files, described as "cyber weapons", are being auctioned off by the group for bitcoin. Shadow Brokers says it could release the code to the files for free if it passes its target of one million bitcoins.
The amount is equivalent to one fifteenth of the total amount of bitcoin in circulation, according to Kaspersky.
The security company said it had a high degree of confidence that the Shadow Brokers' tools are related to the Equation Group, and that the chances they are faked are "highly unlikely".
Whistle-blower organisation WikiLeaks said it had obtained its own copy of the archive, which it plans to release "in due course".
Edward Snowden has suggested the breach is a warning that if the US accuses Russia of hacking into the Democratic National Party (DNC) and leaking private documents, it will leak confidential US cyber intelligence in response.
"I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack," he tweeted. "This leak is likely a warning that someone can prove US responsibility for any attacks that originated from this malware server ... that could have significant foreign policy consequences."
Digitally perfecting the supply chain
How new technologies are being leveraged to transform the manufacturing supply chainDownload now
Three keys to maximise application migration and modernisation success
Harness the benefits that modernised applications can offerDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
The 3 approaches of Breach and Attack Simulation technologies
A guide to the nuances of BAS, helping you stay one step ahead of cyber criminalsDownload now