Snowden Slams Sloppy NSA As the World's Computer Systems Are Held to Ransom

CC0 / Pixabay / Surveillance
Surveillance - Sputnik International
Security experts including National Security Agency whistleblower Edward Snowden have hit out at the NSA, which failed to prevent its tools being used to carry out a major cyber-attack on infrastructure across the world.

Security experts including National Security Agency whistleblower Edward Snowden have blamed the intelligence agency for failing to inform potential targets about their vulnerability to cyber-attack.

​On Friday, computer systems across the world were attacked by hackers in an attack dubbed WannaCry," which uses an NSA exploit codenamed EternalBlue that was one of several tools leaked by the Shadow Brokers last month.

The tool exploits a vulnerability in Microsoft's Server Message Block which allows attackers to crash systems with a denial of service attack. After scrambling computer files, the malware demands $300 in Bitcoin to restore documents.

According to Kaspersky Lab, the cyber-attack has hit as many as 74 countries, including Russia, Ukraine and India.

​The infections have disabled at least 16 hospitals in the UK, Spain's main telecommunication services provider Telefonica, some Italian universities as well as some FedEx computers. 

​"Global Trojan attack: the German railway is also affected, all systems are down."

Edward Snowden, the whistleblower who first revealed the existence of the NSA's global espionage program in 2013, also commented on the hack.

​​Last month, the Shadow Brokers hacking group released documents containing vulnerabilities identified by the NSA and hacking tools developed by the intelligence agency to break into Windows computers.

Shadow Brokers made the exploits public after the NSA left their arsenal of hacking tools on a server ‘in the wild,’ allowing them to be picked up by any hacker who stumbled upon them.

​Then, Snowden raised the issue of whether the NSA would be liable for any consequent hack using the tools.

​​The Shadow Brokers' file dump included 23 new hacking tools named OddJob, EasyBee, EternalRomance, FuzzBunch, EducatedScholar, and others. The tools are capable of breaking into computers running versions of the Windows operating system which are earlier than the most recent Windows 10.

Shortly after the hack, IT security expert Tiago Henriques of Binary Edge told Sputnik that an NSA hacking tool called Doublepulsar had already infected millions of machines worldwide and was using them as botnets to attack others.

Restore the Fourth protest at AT&T - former site of secret NSA room - Sputnik International
'Powerful Agency': Does Secret Court Order Mean NSA No Longer 'Omnipotent'?
Henriques said that larger organizations are particularly at risk from the NSA hacking tools, because they take longer to update their systems with the latest Microsoft security patch.

"Unfortunately for some companies, (for example) banks that transfer entire GDP's of countries across their networks in a day, it's very hard to just update because these are very critical systems and if they go down or something goes wrong with the update, it causes a huge business impact," Henriques explained.

Henriques said the most important thing users can do to prevent such an attack is to update their system with the latest version of their software.

"If you are a home user, upgrade to the latest software and of course properly configure your firewalls. If you are exposing a service to the internet, allow only specific addresses to connect to that service, instead of the entire internet," Henriques advised.

To participate in the discussion
log in or register
Заголовок открываемого материала