Close Menu
TechCentralTechCentral

    Subscribe to the newsletter

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Facebook X (Twitter) YouTube LinkedIn
    WhatsApp Facebook X (Twitter) LinkedIn YouTube
    TechCentralTechCentral
    • News

      MultiChoice: We can’t afford to compete without help

      17 July 2025

      The internet’s weakest link is under the ocean

      17 July 2025

      AI misuse shakes South African courtrooms

      17 July 2025

      Boom gates go hi-tech at South African malls

      17 July 2025

      Megayachts and mansions: the lavish life of 80-year-old Larry Ellison

      17 July 2025
    • World

      Grok 4 arrives with bold claims and fresh controversy

      10 July 2025

      Samsung’s bet on folding phones faces major test

      10 July 2025

      Bitcoin pushes higher into record territory

      10 July 2025

      OpenAI to launch web browser in direct challenge to Google Chrome

      10 July 2025

      Cupertino vs Brussels: Apple challenges Big Tech crackdown

      7 July 2025
    • In-depth

      The 1940s visionary who imagined the Information Age

      14 July 2025

      MultiChoice is working on a wholesale overhaul of DStv

      10 July 2025

      Siemens is battling Big Tech for AI supremacy in factories

      24 June 2025

      The algorithm will sing now: why musicians should be worried about AI

      20 June 2025

      Meta bets $72-billion on AI – and investors love it

      17 June 2025
    • TCS

      TCS+ | Samsung unveils significant new safety feature for Galaxy A-series phones

      16 July 2025

      TCS+ | MVNX on the opportunities in South Africa’s booming MVNO market

      11 July 2025

      TCS | Connecting Saffas – Renier Lombard on The Lekker Network

      7 July 2025

      TechCentral Nexus S0E4: Takealot’s big Post Office jobs plan

      4 July 2025

      TCS | Tech, townships and tenacity: Spar’s plan to win with Spar2U

      3 July 2025
    • Opinion

      A smarter approach to digital transformation in ICT distribution

      15 July 2025

      In defence of equity alternatives for BEE

      30 June 2025

      E-commerce in ICT distribution: enabler or disruptor?

      30 June 2025

      South Africa pioneered drone laws a decade ago – now it must catch up

      17 June 2025

      AI and the future of ICT distribution

      16 June 2025
    • Company Hubs
      • Africa Data Centres
      • AfriGIS
      • Altron Digital Business
      • Altron Document Solutions
      • Altron Group
      • Arctic Wolf
      • AvertITD
      • Braintree
      • CallMiner
      • CambriLearn
      • CYBER1 Solutions
      • Digicloud Africa
      • Digimune
      • Domains.co.za
      • ESET
      • Euphoria Telecom
      • Incredible Business
      • iONLINE
      • Iris Network Systems
      • LSD Open
      • NEC XON
      • Network Platforms
      • Next DLP
      • Ovations
      • Paracon
      • Paratus
      • Q-KON
      • SevenC
      • SkyWire
      • Solid8 Technologies
      • Telit Cinterion
      • Tenable
      • Vertiv
      • Videri Digital
      • Wipro
      • Workday
    • Sections
      • AI and machine learning
      • Banking
      • Broadcasting and Media
      • Cloud services
      • Contact centres and CX
      • Cryptocurrencies
      • Education and skills
      • Electronics and hardware
      • Energy and sustainability
      • Enterprise software
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Lifestyle
      • Motoring
      • Public sector
      • Retail and e-commerce
      • Science
      • SMEs and start-ups
      • Social media
      • Talent and leadership
      • Telecoms
    • Events
    • Advertise
    TechCentralTechCentral
    Home » Top » The NSA has been hacked. Now what?

    The NSA has been hacked. Now what?

    By The Conversation21 August 2016
    Twitter LinkedIn Facebook WhatsApp Email Telegram Copy Link
    News Alerts
    WhatsApp
    The NSA's headquarters in Fort Meade, Maryland, USA
    The NSA’s headquarters in Fort Meade, Maryland, USA

    It is looking increasingly likely that computer hackers have in fact successfully attacked what had been the pinnacle of cybersecurity — the US National Security Agency (NSA). A few days ago, reports began emerging of claims by a hacking group called the Shadow Brokers that it had breached the network of, and accessed critical digital content from, computers used by the Equation Group. This attracted more than the usual amount of attention because the Equation Group is widely believed to be a spying element of the NSA.

    It is possible — perhaps even likely — that Shadow Brokers is a group of hackers linked to the Russian government.

    Shadow Brokers posted online some examples of the data it said it had stolen, including scripts and instructions for breaking through firewall protection. Cybersecurity analysts poring over that information are confident that the material is in fact from Equation Group. This news raises a bigger question: what are the consequences if the Equation Group — and by extension the NSA — were actually hacked?

    The NSA holds a massive amount of data, including information on US citizens’ and foreign nationals’ phone calls, social connections, e-mails, Web-browsing sessions, online searches and other communications. How much data? The NSA’s Utah data centre alone is reported to have a storage capacity of five zetabytes, or a trillion gigabytes. However, judging from what has been made public of what has been stolen by Shadow Brokers, this massive data trove has not been breached.

    But the NSA’s other key digital asset is a collection of very sophisticated, often custom-designed, hacking, analysis and surveillance software. The agency uses these tools to break into computer networks at home and abroad to spy on specific targets and the public at large.

    The Shadow Brokers have claimed to have copies of this software and information on security vulnerabilities the NSA uses in its attacks, including instructions for breaking into computer networks. If true, these would be of very high strategic value to someone seeking to defend against cyberattacks, or wanting to conduct their own.

    What is the Equation Group?

    The Equation Group has been closely watched since its existence was first revealed in an early 2015 report by security researchers at Kaspersky Lab, a Russian-based computer security company. Cyberattacks using the Equation Group’s signature methods have been carried out since 2001, using extremely specific customised techniques.

    In addition to engineering the attacks to ensure a very low risk of detection, they maintain a close watch on their targets to ensure their surveillance does in fact go undetected. And the number of targets they choose is very small — tens of thousands of computers as opposed to the hundreds of thousands or even tens of millions of machines hacked in other major attacks.

    Equation Group’s targets included government and diplomatic institutions, companies in diverse sectors as well as individuals in more than 30 countries.

    Kaspersky Lab reports that China and Russia are among the countries most infected by the Equation Group’s hacking tools. Among the alleged targets were the Russian natural gas company Gazprom and the airline Aeroflot. Likewise, China’s major mobile companies and universities were allegedly victimised by the NSA.

    Who hacks whom?

    Cyber weapons and their capabilities are becoming an increasing part of international relations, forming part of foreign policy decisions and even sparking what has been called a “cyber arms race”.

    The Shadow Brokers attack may be a part of this global interplay. The US government is considering economic sanctions against Russia, in response to the alleged cyberattack on the Democratic National Committee computers by two Russian intelligence agencies. Those same attackers are believed to have been behind the 2015 cyberattacks on the White House, the state department and the joint chiefs of staff.

    If the material Shadow Brokers have stolen can link cyberattacks on Gazprom, Aeroflot and other Russian targets with the NSA, Russia can argue to the international community that the US is not an innocent victim, as it claims to be. That could weaken support for its sanctions proposal.

    Russia and China, among other adversaries, have used similar evidence in this way in the past. Edward Snowden’s revelation of the US Prism surveillance programme, monitoring vast amounts of Internet traffic, became an important turning point in China-US cyber relations. Commenting on the NSA’s alleged hacking of China’s major mobile companies and universities, an editorial in China’s state-run Xinhua News Agency noted: “These, along with previous allegations, are clearly troubling signs. They demonstrate that the US, which has long been trying to play innocent as a victim of cyberattacks, has turned out to be the biggest villain in our age.”

    In general, allegations and counter allegations have been persistent themes in Chinese-American interactions about cybercrimes and cybersecurity. China’s approach shifted toward more offensive strategies following Snowden’s revelation of the Prism surveillance programme. It is likely that this hack of cyber weapons may provide China and other US adversaries with even more solid evidence to prove American involvement in cyberattacks against foreign targets.

    There are other dangers, too. Hackers now have access to extremely sophisticated tools and information to launch cyberattacks against military, political and economic targets worldwide. The NSA hack thus may lead to further insecurity of cyberspace.

    The attack is also further proof of the cybersecurity industry’s axiom about the highly asymmetric probabilities of successful attack and successful defence: attackers need to succeed only once; defenders have to be perfect every time. As sophisticated as the NSA’s highly secure network is, the agency cannot ever fully protect itself from cyber attackers. Either these attackers have already gotten in, or some other group will be the first to do so in the future.

    Actors with fewer financial and technical resources can compromise high-value targets. What will come of this attack remains to be seen, but the potential for profound and wide-ranging, even global, effects is clear.The Conversation

    • Nir Kshetri is professor of management, University of North Carolina — Greensboro
    • This article was originally published on The Conversation


    Subscribe to TechCentral Subscribe to TechCentral
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email Copy Link
    Previous ArticleZuck sells $95m in Facebook for philanthropy
    Next Article More attacks on Telkom’s network

    Related Posts

    MultiChoice: We can’t afford to compete without help

    17 July 2025

    The internet’s weakest link is under the ocean

    17 July 2025

    AI misuse shakes South African courtrooms

    17 July 2025
    Company News

    SA businesses embrace gen AI – but strategy and skills are lagging

    17 July 2025

    Ransomware in South Africa: the human factor behind the growing crisis

    16 July 2025

    Mental wellness at scale: how Mac fuels October Health’s mission

    15 July 2025
    Opinion

    A smarter approach to digital transformation in ICT distribution

    15 July 2025

    In defence of equity alternatives for BEE

    30 June 2025

    E-commerce in ICT distribution: enabler or disruptor?

    30 June 2025

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2025 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.