World The hacking group that leaked NSA secrets claims it has data on foreign nuclear programs

08:42  17 may  2017
08:42  17 may  2017 Source:   The Washington Post

Global cyber attack fuels concern about U.S. vulnerability disclosures

  Global cyber attack fuels concern about U.S. vulnerability disclosures Some cyber security experts said the massive attack reflected a flawed approach by the United States to dedicate more cyber resources to offense rather than defense, a practice they argued makes the internet less secure. Across the U.S. federal government, about 90 percent of all spending on cyber programs is dedicated to offensive efforts, including penetrating the computer systems of adversaries, listening to communications and developing the means to disable or degrade infrastructure, senior intelligence officials told Reuters in March. (http://reut.

The hacking group that helped enable last week's global ransomware attack is threatening to make public even more computer vulnerabilities in the coming weeks - including "compromised network data " pertaining to the nuclear missile programs of China, Iran, Russia and North Korea, as well as secret

The hacking group that helped enable last week's global ransomware attack is threatening to make public even more computer vulnerabilities in the coming weeks - including "compromised network data " pertaining to the nuclear missile programs of China, Iran, Russia and North Korea, as well as secret

Staff monitor the spread of ransomware cyberattacks at the Korea Internet and Security Agency in Seoul, South Korea, on Monday. © YONHAP/AFP/Getty Images Staff monitor the spread of ransomware cyberattacks at the Korea Internet and Security Agency in Seoul, South Korea, on Monday. The hacking group that leaked the bugs that enabled last week's global ransomware attack is threatening to make public even more computer vulnerabilities in the coming weeks — potentially including “compromised network data” pertaining to the nuclear or missile programs of China, Iran, North Korea and Russia, as well as vulnerabilities affecting Windows 10, which is run by millions of computers worldwide.

A spokesperson for the group, which calls itself the Shadow Brokers, claimed in a blog post Tuesday that some of those computer bugs may be released on a monthly basis as part of a new subscription-based business model that attempts to mimic what has proved successful for companies such as Spotify, Netflix, Blue Apron and many more.

N.Korea says will have dialog with U.S. under right conditions - Yonhap

  N.Korea says will have dialog with U.S. under right conditions - Yonhap A senior North Korean diplomat who handles relations with the United States said on Saturday Pyongyang would have dialog with the U.S. administration if conditions were right, South Korea's Yonhap news agency reported. Choe Son Hui, North Korea's foreign ministry director general for U.S. affairs, made the comment to reporters in Beijing as she was traveling home from Norway, Yonhap said."We'll have dialog if the conditions are there," she told reporters when asked if the North was preparing to hold talks with the Trump administration, according to Yonhap.

The hacking group behind last week's global ransomware attack is threatening to make public even more computer vulnerabilities in the coming weeks — including "compromised network data " pertaining to the nuclear or missile programs of China, Iran, Russia and North Korea, as well as secret exploits

The hacking group that helped enable last week’s global ransomware attack is threatening to make public even more computer vulnerabilities in the coming weeks – including “compromised network data ” pertaining to the nuclear missile programs of China, Iran, Russia and North Korea, as well as secret

“Is being like wine of month club,” read the blog post, which is written in broken English. "Each month peoples can be paying membership fee, then getting members only data dump each month."

The move shows the growing commercial sophistication of groups such as the Shadow Brokers, which already has demonstrated a fearsome technical ability to compromise the world's top intelligence agencies. And it underscores the way much of the underground trade for computer bugs resembles a real-world commercial market.

Security experts have been analyzing the blog post for clues about the Shadow Brokers' intentions and capabilities.

“Simply by threatening another leak after leaking two sets of Microsoft exploits, Shadow Brokers will ratchet up the hostility between Microsoft and the government,” Wheeler wrote.

Microsoft didn't immediately respond to a request for comment. On Sunday, the company criticized the NSA for stockpiling digital weapons. The tech industry opposes efforts by the government to weaken the security of its products, while national security advocates say it could help combat terrorism.

Chinese state media says U.S. should take some blame for cyber attack

  Chinese state media says U.S. should take some blame for cyber attack Chinese state media on Wednesday criticized the United States for hindering efforts to stop global cyber threats in the wake of the WannaCry "ransomware" attack that has infected more than 300,000 computers worldwide in recent days. The U.S. National Security Agency (NSA) should shoulder some blame for the attack, which targets vulnerabilities in Microsoft Corp (MSFT.O) systems and has infected some 30,000 Chinese organizations as of Saturday, the China Daily said.

The NSA ’s hacking unit has been credited with sophisticated cyber weapons, including the code that is credited with crippling the Iranian nuclear program . A mysterious group calling itself the Shadow Brokers announced over the weekend that it had penetrated the NSA

Microsoft claims it has patched most of the exploited bugs. 14 Apr 2017 at 23:29, Iain Thomson. Updated The Shadow Brokers have leaked more hacking tools stolen from the NSA 's Equation Group – this time four-year-old exploits that attempt to hijack venerable Windows systems, from Windows

Although experts say the Shadow Brokers do not appear to have been directly involved in the WannaCry attack, leaking the exploit in the first place was a major step toward facilitating the cyberattack.

The group's new claim that it possesses information on the nuclear programs of state governments is extremely worrisome, said Joseph Lorenzo Hall, chief technologist for the Center for Democracy and Technology, a Washington think tank. "While they don't seem to have the most amazing PR department," he said, "they've already proved that they had some pretty serious access. The nuke facility stuff is particularly concerning, [speaking] as a former physicist.”

Previously, the group had sought to sell its hacking tools to the highest bidder. Few buyers came forward, the group said in its blog post. But now, the monthly subscription model might mean the bugs will find their way into the hands of more people, spreading far and wide, Hall said.

SECURITY EXPERT: 'Everything to do with the Korean­ Peninsula is hair-raising right now' .
As North Korea continues to develop its nuclear missiles program, pressure is mounting on Japan and South Korea to develop their own countermeasures. According to Australian foreign minister Julie Bishop, if North Korea was recognised as a nuclear weapons state, "then Japan and [South] Korea would have little option than to develop their own nuclear weapons capability".Her comments, published in The Australian, follow discussions with senior officials in South Korea and the US, revealing the rising tensions on the Korean­ Peninsula and what officials fear could become a nuclear arms race.

—   Share news in the SOC. Networks

Topical videos:

This is interesting!