The NSA Hack: Not-So-Covert Affairs

What the NSA Hack Says About Cyber Security in America

In a Mr. Robot episode come to life, an anonymous group of hackers calling themselves the Shadow Brokers has compromised the U.S. National Security Agency (NSA). The NSA hack involved the release of elite hacking tools used by the spy agency to conduct cyber espionage. The Washington Post reports:

A cache of hacking tools with code names such as Epicbanana, Buzzdirection and Egregiousblunder appeared mysteriously online over the weekend, setting the security world abuzz with speculation over whether the material was legitimate.

The file appeared to be real, according to former NSA personnel who worked in the agency’s hacking division, known as Tailored Access Operations (TAO).

“Without a doubt, they’re the keys to the kingdom,” said one former TAO employee, who spoke on the condition of anonymity to discuss sensitive internal operations. “The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad.”

The NSA hack is sending shockwaves through the cyber security industry, not just because one of the most secure systems in the world just got hacked, but also because the hack didn’t just expose government secrets; it exposed significant zero-day vulnerabilities at major U.S. corporations, including companies that, ironically, sell enterprise cyber security services.

While there are rumors that the Shadow Brokers are Russian nation-state hackers, no one knows for certain. No one knows how the Shadow Brokers managed to access the NSA’s data, either. The NSA is refusing to comment on the leak. However, since nearly all data breaches are the result of hackers getting their hands on legitimate login credentials, either through carelessness or malicious intent on the part of an organizational insider, it’s reasonable to theorize that the leak originated within the NSA. It could have been as simple as an employee clicking on a phishing email or sticking an infected flash drive into a machine.

The NSA hack also raises the question: if a covert government spy agency’s data isn’t secure, what’s the state of everyone else’s information security? From a rash of ransomware attacks on the healthcare industry, to an epidemic of tax data spear phishing schemes, to the hijacking of the SWIFT Network bank messaging system, to the Wendy’s POS data breach, to an amateur managing to hack the Houston Astros database, to information security providers being caught with their pants down in the NSA breach, 2016 has been a banner year for cyber criminals – and we’ve got four more months to go.

Rather than panicking, now is the time to ask yourself, how secure are your organization’s systems? Are you approaching your cyber security proactively, or are you taking a reactive approach, scrambling to clean up the mess once a breach has occurred? Have you been trying to handle your cyber security in-house but are struggling to keep up with all of the new technological advances and cyber security threats? Do you suspect there are hackers in your system right now, either from the outside or within your organization, but you don’t know how to find and deal with them, and then keep new ones from coming in?

You’re not alone. Today’s information systems are increasingly complex, and so are the attacks that hackers launch on them. Many organizations simply do not have the resources to handle all of their information security needs in-house, and they find that scrambling to do so leaves them with lax information security while taking away time and resources from their core competency.

The NSA hack should be a wake-up call to organizations in all industries and of all sizes to reevaluate their cyber security efforts and, if they have not already done so, enlist the services of a professional cyber security firm to ensure that they are fully protected.

The cyber security experts at Lazarus Alliance have deep knowledge of the cyber security field, are continually monitoring the latest information security threats, and are committed to protecting organizations of all sizes from security breaches. We offer full-service risk assessment services and Continuum GRC software to protect companies from data breaches, ransomware attacks, and other cyber threats.

Lazarus Alliance is proactive cyber security®. Call 1-888-896-7580 to discuss your organization’s cyber security needs and find out how we can help secure your organization’s data.

Lazarus Alliance