NSA website mysteriously went offline following cyberweapons hack
Suspected Russian hacking team called the Shadow Brokers leaked the data.
The website of the National Security Agency (NSA) was offline for nearly 20 hours this week in a mysterious outage that occurred after hackers with suspected Russian links claimed to have compromised hundreds of NSA-linked cyberweapons.
Between 15-16 August, users visiting the agency's website were greeted by the live homepage, however nearly every other link was met with an error message. According to Politico, a number of blog posts were still available as they were likely hosted on a separate server.
The exact timescale of the outage remains unclear and officials from both the NSA and the US Department of Defense (DoD) have so far declined to comment on the record. According to one unnamed source, who spoke to a reporter from FedScoop, the outage was blamed on an "internal review."
The outage occurred mere hours after a group called the Shadow Brokers leaked what purported to be over 300 'cyberweapons' used by an NSA-linked hacking collective called Equation Group, which is believed to have close links to the NSA's operations.
The trove of leaked hacking tools have been the focus of rampant analysis by cybersecurity experts since they appeared online on 13 August. Most recently, former NSA staffers with experience working in the agency's specialised hacking division, called Tailored Access Operations (TAO), said the leak appeared to be genuine.
Speaking with the Washington Post, one former TAO employee said: "Without a doubt, they're the keys to the kingdom. The stuff you're talking about would undermine the security of a lot of major government and corporate networks, both here and abroad."
Meanwhile, Nicholas Weaver, a senior researcher at the International Computer Science Institute in Berkeley, California, also believes the data to be legitimate. As previously reported he said it is likely to be "analyst-side code", adding it is "the kind that probably never leaves the NSA".
Russian cybersecurity firm Kaspersky Lab, which first exposed the Equation Group last year, has said that hundreds of the tools appear to be in line with its previous findings.
In a fresh analysis, it said: "While we cannot surmise the attacker's identity or motivation nor where or how this pilfered trove came to be, we can state that several hundred tools from the leak share a strong connection with our previous findings from the Equation group."
In terms of attribution for the hack, many experts are looking in the direction of the Kremlin. "Circumstantial evidence and conventional wisdom indicates Russian responsibility," tweeted Edward Snowden, the famous whistleblower who previously worked as an analyst for the NSA. "The hack of an NSA malware staging server is not unprecedented, but the publication of the take is," he added.
At the time of writing, the agency website is fully restored.
© Copyright IBTimes 2024. All rights reserved.