The theft of hacking tools and exploits reportedly stolen from the National Security Agency (NSA) has helped vindicate Apple’s position in its privacy dispute with the FBI earlier this year, say a number of privacy advocates. Last week saw reports that a hacker group, known as the “Shadow Brokers,” has stolen a collection of the NSA’s top espionage tools, and were offering them to the highest bidder.
The malware was linked to the “Equation Group“, a secretive team of cyber spies widely believed to be associated with the NSA and its state partners. The hacking collective that stole the malware posted two sets of files, including a free sample of the stolen data, which dates back to 2013, and a second encrypted file whose decryption key went up for sale in a bitcoin auction. Many saw the auction as a stunt.
However, the attack code published by the hackers proved to be genuine, according to former NSA personnel.
“Without a doubt, they’re the keys to the kingdom,” said one former TAO employee, who spoke to The Washington Post on the condition of anonymity to discuss sensitive internal operations. “The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad.”
News of the leak has to have been privately met with a bit of glee and self-satisfaction by technology companies, like Apple, who have been fighting against a government attempt to provide government investigators with a way to access locked data.
The FBI had claimed such a “backdoor” to electronic devices was required to gain access to information they said could help them investigate in the case of such incidents as the December 2015 San Bernardino terrorist attack. One of the shooters used an iPhone 5c, which was locked via a passcode. The government urged Apple to give them a backdoor to unlock the device without erasing the data. Apple refused, claiming any such backdoor would lead to weaker encryption, and could fall into the wrong hands.
Perhaps the best comment on the theft of the NSA tools came from Christopher Soghoian, Principal Technologist with the Speech, Privacy, and Technology Project at the American Civil Liberties Union:
https://twitter.com/csoghoian/status/765785340892372992?ref_src=twsrc%5Etfw