Click to Skip Ad
Closing in...

Yup, Russia was probably behind that NSA hack

Published Aug 17th, 2016 9:00PM EDT

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

The NSA was hacked by a group that calls itself Shadow Brokers, a report earlier this week revealed, with some of the stolen cyberweapons being auctioned off to the highest bidder. Since then, experts who have seen some of the stolen files believe that the NSA has indeed been hacked, with Russia being one of the prime suspects. As for the strange auction itself, it looks like nobody is really interested in paying for the hacked documents at this point.

DON’T MISS: iPhone 7: Our biggest question was just answered

A new report from Business Insider reveals that the NSA itself was not hacked. However, a server used by the Equation Group, a highly sophisticated cyber-security company that’s believed to support the NSA’s Tailored Access Operations (TAO) hacking group, was hit.

Security researchers who have seen the stolen data believe it’s authentic, including Kaspersky researchers and Nicholas Weaver.

Even Edward Snowden commented on the matter, suggesting that a server may have been hit. “NSA malware staging servers getting hacked by a rival is not new,” he said on Twitter. “A rival publicly demonstrating they have done so is.”

Meanwhile, some security experts believe that Russia is behind the hack. There’s no real proof for now, but considering the timing and nature of the attack, security experts see the country as a potential backer of the Shadow Brokers.

“High level US political officials seemed quite upset about the DNC hacks, which no doubt resulted in a covert response, which this is then likely a counter-response to,” former NSA employee Dave Aitel said. “No team of ‘hackers’ would want to piss off Equation Group this much. That’s the kind of cojones that only come from having a nation state protecting you.”

“The list of suspects is short: Russia or China,” Weaver said. “And in the context of the recent conflict between the US and Russia over election interference, safe money is on the former.”

Even Snowden said the attack might be a warning to the US against accusing Russia publicly of hacking the DNC.

As for the contents of the files stolen from the NSA computer, nobody is really looking to buy them, Wired reports. With over 24 hours having passed since the auction was made public, the highest bid is at $937.15. That’s nowhere near the asking price of 1 million bitcoin that the hackers are looking for (that’s $576 million).

The auction is rather strange and isn’t really an auction, per se. The Shadow Brokers expect bidders to pay in advance, with the highest bidder set to receive the stolen cyeberweapons. Everyone else would lose their bids.

However, the attackers – if they’re indeed enemies of the US – may be more interested in sending a message than making any money off the hack. “This leak is likely a warning that someone can prove US responsibility for any attacks that originated from this malware server,” Weaver wrote. “That could have significant foreign policy consequences. Particularly if any of those operations targeted US allies….Particularly if any of those operations targeted elections.”

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.