
Bamford writes: "Rather than the NSA hacking tools being snatched as a result of a sophisticated cyber operation by Russia or some other nation, it seems more likely that an employee stole them. Experts who have analyzed the files suspect that they date to October 2013, five months after Edward Snowden left his contractor position with the NSA."

Former U.S. National Security Agency contractor Edward Snowden. (photo: Mark Blinch/Reuters)

Evidence Points to Another Snowden at the NSA

By James Bamford, Reuters

22 August 16


In the summer of 1972, state-of-the-art campaign spying consisted of amateur burglars, armed with duct tape and microphones, penetrating the headquarters of the Democratic National Committee. Today, amateur burglars have been replaced by cyberspies, who penetrated the DNC armed with computers and sophisticated hacking tools.

Where the Watergate burglars came away empty-handed and in handcuffs, the modern-day cyber thieves walked away with tens of thousands of sensitive political documents and are still unidentified.

Now, in the latest twist, hacking tools themselves, likely stolen from the National Security Agency, are on the digital auction block. Once again, the usual suspects start with Russia - though there seems little evidence backing up the accusation. 

In addition, if Russia had stolen the hacking tools, it would be senseless to publicize the theft, let alone put them up for sale. It would be like a safecracker stealing the combination to a bank vault and putting it on Facebook. Once revealed, companies and governments would patch their firewalls, just as the bank would change its combination. 

A more logical explanation could also be insider theft. If that's the case, it's one more reason to question the usefulness of an agency that secretly collects private information on millions of Americans but can't keep its most valuable data from being stolen, or as it appears in this case, being used against us.

In what appeared more like a Saturday Night Live skit than an act of cybercrime, a group calling itself the Shadow Brokers put up for bid on the Internet what it called a "full state-sponsored toolset" of "cyberweapons." "!!! Attention government sponsors of cyberwarfare and those who profit from it !!!! How much would you pay for enemies cyberweapons?" said the announcement. 

The group said it was releasing some NSA files for "free" and promised "better" ones to the highest bidder. However, those with losing bids "Lose Lose," it said, because they would not receive their money back. And should the total sum of the bids, in bitcoins, reach the equivalent of half a billion dollars, the group would make the whole lot public.

While the "auction" seemed tongue in cheek, more like hacktivists than Russian high command, the sample documents were almost certainly real. The draft of a top-secret NSA manual for implanting offensive malware, released by Edward Snowden, contains code for a program codenamed SECONDDATE. That same 16-character string of numbers and characters is in the code released by the Shadow Brokers. The details from the manual were first released by The Intercept last Friday.

The authenticity of the NSA hacking tools was also confirmed by several ex-NSA officials who spoke to the media, including former members of the agency's Tailored Access Operations (TAO) unit, the home of hacking specialists.

"Without a doubt, they're the keys to the kingdom," one former TAO employee told the Washington Post. "The stuff you're talking about would undermine the security of a lot of major government and corporate networks both here and abroad." Another added, "From what I saw, there was no doubt in my mind that it was legitimate."

Like a bank robber's tool kit for breaking into a vault, cyber exploitation tools, with codenames like EPICBANANA and BUZZDIRECTION, are designed to break into computer systems and networks. Just as the bank robber hopes to find a crack in the vault that has never been discovered, hackers search for digital cracks, or "exploits," in computer programs like Windows. 

The most valuable are "zero day" exploits, meaning there have been zero days since the software's maker, such as Microsoft in the case of Windows, discovered the "crack" in its programs. Through this crack, the hacker would be able to get into a system and exploit it, by stealing information, until the breach is eventually discovered and patched. According to the former NSA officials who viewed the Shadow Brokers files, they contained a number of exploits, including zero-day exploits, for which the NSA often pays private hacking groups thousands of dollars.

The reasons given for laying the blame on Russia appear less convincing, however. "This is probably some Russian mind game, down to the bogus accent," James A. Lewis, a computer expert at the Center for Strategic and International Studies, a Washington think tank, told the New York Times. Why the Russians would engage in such a mind game, he never explained.

Rather than the NSA hacking tools being snatched as a result of a sophisticated cyber operation by Russia or some other nation, it seems more likely that an employee stole them. Experts who have analyzed the files suspect that they date to October 2013, five months after Edward Snowden left his contractor position with the NSA and fled to Hong Kong carrying flash drives containing hundreds of thousands of pages of NSA documents. 

So, if Snowden could not have stolen the hacking tools, there are indications that after he departed in May 2013, someone else did, possibly someone assigned to the agency's highly sensitive Tailored Access Operations.

In December 2013, another highly secret NSA document quietly became public. It was a top secret TAO catalog of NSA hacking tools. Known as the Advanced Network Technology (ANT) catalog, it consisted of 50 pages of extensive pictures, diagrams and descriptions of tools for every kind of hack, mostly targeted at devices manufactured by U.S. companies, including Apple, Cisco, Dell and many others. 

Like the hacking tools, the catalog used similar codenames. Among the tools targeting Apple was one codenamed DROPOUTJEEP, which gives NSA total control of iPhones. "A software implant for the Apple iPhone," says the ANT catalog, "includes the ability to remotely push/pull files from the device. SMS retrieval, contact-list retrieval, voicemail, geolocation, hot mic, camera capture, cell-tower location, etc." 

Another, codenamed IRATEMONK, is, "Technology that can infiltrate the firmware of hard drives manufactured by Maxtor, Samsung, Seagate and Western Digital." 

In 2014, I spent three days in Moscow with Snowden for a magazine assignment and a PBS documentary. During our on-the-record conversations, he would not talk about the ANT catalog, perhaps not wanting to bring attention to another possible NSA whistleblower.

I was, however, given unrestricted access to his cache of documents. These included both the entire British, or GCHQ, files and the entire NSA files.

But going through this archive using a sophisticated digital search tool, I could not find a single reference to the ANT catalog. This confirmed for me that it had likely been released by a second leaker. And if that person could have downloaded and removed the catalog of hacking tools, it's also likely he or she could have also downloaded and removed the digital tools now being leaked.

In fact, a number of the same hacking implants and tools released by the Shadow Brokers are also in the ANT catalog, including those with codenames BANANAGLEE and JETPLOW. These can be used to create "a persistent back-door capability" into widely used Cisco firewalls, says the catalog. 

Consisting of about 300 megabytes of code, the tools could easily and quickly be transferred to a flash drive. But unlike the catalog, the tools themselves - thousands of ones and zeros - would have been useless if leaked to a publication. This could be one reason why they have not emerged until now.

Enter WikiLeaks. Just two days after the first Shadow Brokers message, Julian Assange, the founder of WikiLeaks, sent out a Twitter message. "We had already obtained the archive of NSA cyberweapons released earlier today," Assange wrote, "and will release our own pristine copy in due course." 

The month before, Assange was responsible for releasing the tens of thousands of hacked DNC emails that led to the resignation of the four top committee officials. 

There also seems to be a link between Assange and the leaker who stole the ANT catalog, and the possible hacking tools. Among Assange's close associates is Jacob Appelbaum, a celebrated hacktivist and the only publicly known WikiLeaks staffer in the United States - until he moved to Berlin in 2013 in what he called a "political exile" because of what he said was repeated harassment by U.S. law enforcement personnel. In 2010, a Rolling Stone magazine profile labeled him "the most dangerous man in cyberspace." 

In December 2013, Appelbaum was the first person to reveal the existence of the ANT catalog, at a conference in Berlin, without identifying the source. That same month he said he suspected the U.S. government of breaking into his Berlin apartment. He also co-wrote an article about the catalog in Der Spiegel. But again, he never named a source, which led many to assume, mistakenly, that it was Snowden.

In addition to WikiLeaks, for years Appelbaum worked for Tor, an organization focused on providing its customers anonymity on the Internet. But last May, he stepped down as a result of "serious, public allegations of sexual mistreatment" made by unnamed victims, according to a statement put out by Tor. Appelbaum has denied the charges.

Shortly thereafter, he turned his attention to Hillary Clinton. At a screening of a documentary about Assange in Cannes, France, Appelbaum accused her of having a grudge against him and Assange, and that if she were elected president, she would make their lives difficult. "It's a situation that will possibly get worse" if she is elected to the White House, he said, according to Yahoo News.

It was only a few months later that Assange released the 20,000 DNC emails. Intelligence agencies have again pointed the finger at Russia for hacking into these emails. 

Yet there has been no explanation as to how Assange obtained them. He told NBC News, "There is no proof whatsoever" that he obtained the emails from Russian intelligence. Moscow has also denied involvement.  

There are, of course, many sophisticated hackers in Russia, some with close government ties and some without. And planting false and misleading indicators in messages is an old trick. Now Assange has promised to release many more emails before the election, while apparently ignoring email involving Trump. (Trump opposition research was also stolen.)  

In hacktivist style, and in what appears to be phony broken English, this new release of cyberweapons also seems to be targeting Clinton. It ends with a long and angry "final message" against "Wealthy Elites . . . breaking laws" but "Elites top friends announce, no law broken, no crime commit[ed]. . . Then Elites run for president. Why run for president when already control country like dictatorship?"

Then after what they call the "fun Cyber Weapons Auction" comes the real message, a serious threat. "We want make sure Wealthy Elite recognizes the danger [of] cyberweapons. Let us spell out for Elites. Your wealth and control depends on electronic data." Now, they warned, they have control of the NSA's cyber hacking tools that can take that wealth away. "You see attacks on banks and SWIFT [a worldwide network for financial services] in news. If electronic data go bye-bye where leave Wealthy Elites? Maybe with dumb cattle?"

Snowden's leaks served a public good. He alerted Americans to illegal eavesdropping on their telephone records and other privacy violations, and Congress changed the law as a result. The DNC leaks exposed corrupt policies within the Democratic Party.  

But we now have entered a period many have warned about, when NSA's cyber weapons could be stolen like loose nukes and used against us. It opens the door to criminal hackers, cyber anarchists and hostile foreign governments that can use the tools to gain access to thousands of computers in order to steal data, plant malware and cause chaos.

It's one more reason why NSA may prove to be one of Washington's greatest liabilities rather than assets.



-32 # indian weaver 2016-08-22 11:45
The Obama regime has had 2 big bad, significant hits in the past couple of days: 1. NSA hacked; and 2. Obama / America defeated by Russia / Iran / Turkey in Syria, thank God. Now if only we could see Obama executed by The Hague by hanging in public, along with dubya, the day would be perfect for billions of innocent humans and animals on the planet, not to mention the planet herself.
+52 # grandlakeguy 2016-08-22 12:22
What is even more important is to see the actual irrefutable evidence that Hillary Clinton and the DNC fraudulently "won" the primary elections to put down the Bernie Sanders Progressive threat!
If that evidence is exposed how will she still be able to continue to pursue her maniacal quest for the Presidency?

Once we lose the ability to elect our representatives we are no longer a free people...we have clearly lost that right.

A full disclosure of the fraud that is called American elections could reverse that tragedy!
+31 # elizabethblock 2016-08-22 13:06
I mentioned this once before, I think.
A few years ago I heard a discussion on Democracy Now of how the US government was looking to hire hackers, presumably to do anti-hacking. But they couldn't afford to pay the same high salaries that the private sector was offering. So they were appealing to their patriotism.
Hmm, I thought. You're setting yourself up to get more Ed Snowdens, i.e. REAL patriots.
Looks like they may have done just that.
+3 # HowardMH 2016-08-23 09:29
Elizabeth, you nailed it when you said, "But they couldn't afford to pay the same high salaries that the private sector was offering". I worked in one of these private sector companies, and yes the ones that could not qualify and get a technical job, in many cases, ended up working for the government. We used to shake our heads in disbelief.
+14 # jimmyjames 2016-08-22 13:22
Patriotic insiders are doing the vast majority of the hacking and God bless them all. While they may lose their lives in the process, their aim is to expose corruption and in turn save millions of lives. Seth Rich, who was murdered this past July by the Clintonites, is the most recent example.
-1 # Caliban 2016-08-25 00:14
"Murdered ... by the Clintonites"? Like # jimmyjames murders the presumption of innocence?
+41 # RMDC 2016-08-22 13:30
I don't know anything about hacking but it seems that there is no computer or database that cannot be hacked with right tools. The release of the NSA's tool kit is a great thing. It puts a lot of hackers on a level playing field with the NSA. They can do what it does. The NSA becomes just another hacker.

I hope there is a cascade effect and each release of NSA material leads to more and more whistleblowers sending out more information. In this way, the NSA will die. This is democracy in action. The people through some ordinary heroes are taking on the behemoth and slaying it.

Thank you Edward Snowden. And thank you to the new leaker.
+11 # kundrol 2016-08-22 19:05
Yes a big thank you indeed!
+2 # seeuingoa 2016-08-22 13:37
A wise man once said

Fuck that Shit

and lived happily ever after.
+10 # AndreM5 2016-08-22 14:25
The first two paragraphs are blatantly wrong, so how much of the rest of the article should be believed?

Watergate "burglars" were in no way "amateurs" given their ties to the CIA including the Bay of Pigs and Kennedy assassination. They were not doing "dirty campaign tricks" but rather making a desperate attempt to ensure the DNC did not have the evidence of Nixon's treason with regard to the Paris Peace Talks for Viet Nam. As we know now, Johnson and Humphrey did have the proof but chose not to use it in the campaign.
+13 # Merlin 2016-08-22 16:04
# AndreM5 2016-08-22 14:25
“The first two paragraphs are blatantly wrong…”

I disagree with this. The author did not say or indicate anything about “dirty campaign tricks.” That is the CW, and the misinformation pumped out to conceal what you say here:

“…rather making a desperate attempt to ensure the DNC did not have the evidence of Nixon's treason with regard to the Paris Peace Talks for Viet Nam. As we know now, Johnson and Humphrey did have the proof but chose not to use it in the campaign.”

BTW, do you have info on Humphrey knowing this? I would like it, as I have not heard that. Additionally, Johnson was going to release it, but was convinced by the argument that the American public was not ready for that. The decision was not really a campaign issue, it was much bigger than that in Johnson’s mind. If it was a serious campaign strategy he would have released it and Nixon would have been toast. He decided the “X-Envelope” would not be released for at least 50 years. Personally, I think he should have released the contents of the X-Envelope in 1968.

Secondly, Nixon did not run some well thought out “professional” scheme to get the documents, He essentially said, “I don’t care what you do, I want those docs!” How experienced you are is not important, if you don’t have a well thought plan. If you don’t have one, very experienced crooks become rank amateurs doing the job, as the Watergate results show.
+5 # Radscal 2016-08-23 20:43
I suspect LBJ chose not to go public with the Nixon treason because of his knowledge about the treason that put him into the White House. And he knew Nixon knew.

"The whole Bay of Pigs thing" as Nixon put it.
+13 # Texas Aggie 2016-08-22 16:13
The first two paragraphs were hardly "blatantly wrong." They got caught which means they weren't as professional as they thought, and some of them did time in jail. The rest is just a quibble over word definitions.
+5 # anarchteacher 2016-08-22 17:36

Not to beat a dead horse but here is a very different take on Watergate and the second burglary. These experienced CIA veteran burglars were set up, most likely by James McCord. And the target was not Larry O'Brien's office.

White House Call Girl
+5 # Blackjack 2016-08-22 14:42
Andre is right! I know I'm making an assumption about Andre, but maybe he's right because older people remember the history better because they lived it.
+8 # anarchteacher 2016-08-22 17:37
Roger Stone has revealed how Nixon got his full and complete pardon from Gerald Ford because he threatened to reveal how Ford had manipulated evidence and participated in the Warren Commission cover-up of JFK’s murder and coup d’état by Lyndon Johnson and the top echelon of the National Security State.

Nixon knew LBJ had Kennedy killed. This is why he was obsessed with getting all CIA background data to the 1961 Bay of Pigs and other related archival materials as “insurance” for his own criminal behavior while in office. He felt that if he was going down, so would everyone involved in the coup and cover-up.

Read Roger Stone’s The Man Who Killed Kennedy: The Case Against LBJ, and Nixon’s Secrets: The Rise, Fall and Untold Truth about the President, Watergate, and the Pardon; Phil Stanford, White House Call Girl: The Real Watergate Story; and James W. Douglass, JFK and the Unspeakable: Why He Died and Why It Matters, for the factual details behind these events.
+2 # PaulK 2016-08-23 15:13
I can't figure out how this hacker tools auction is supposed to happen. If the hackers have all of these tools, then they already have access to most of the Bitcoin codes on the planet. In other words, they own all the money right now. So how are bank-robbing Russian groups, software corporations and governments going to pay these guys their auction money if not in Bitcoin?
+4 # PCPrincess 2016-08-23 20:22
Well, perhaps not. Keep in mind that the tools in question were created with specific targets in mind. For example, the article mentions a tool that could break into iPhones. However, a hacking tool is made very specifically to crack an algorithm or a security feature that is specific to that device.

These tools would not allow them to access banks suddenly, just those devices for which they were created.
0 # Anarchist 23 2016-08-24 15:54
Wow...'Reality' gets more like fiction everyday...I think I have read all this in a book somewhere...or was it a movie?
0 # John S. Browne 2016-08-30 00:49

Praise and thank God for the whistleblowers!! Without the minority of truthtellers exposing the massive false-propaganda lies and setting us free with the real truth of what is really going on, we would perish in the darkness of brainwashing, like the vast majority of people, particularly "Americans", are!!

Therefore, I HOPE there is another "Snowden"; and I hope and pray that there are MANY "Snowdens", and that more and more of them are empowering and emboldening yet more of them to come forward and do their DUTY(IES) to speak truth to power, to expose the massive false-propaganda lies of the corporate-fascist totalitarian militarized police state and "panopticon 'matrix' control and enslavement grid", and to wake more and more people up to what is really happening, and to the mass-murderous Western and global government perpetual-war machine that is drowning us in an increasing sea of mass-carnage, blood, death, outward eradication of all True Liberty(ies) and Freedom(s), and all True Human and Civil Rights, and thus enslaving us (the opposite of True Freedom and Liberty)!!

(Continued below)
0 # John S. Browne 2016-08-30 00:50

Keep coming forward in greater and greater numbers, whistleblowers!! Keep exposing the deadly, mass-murderous endless-war carnage and war crimes!! Keep bringing to the light of day the massive crimes against the peace, crimes against humanity, and human rights violations of the West and the global corporate-fascist totalitarian militarized police state!! Keep emboldening and empowering us to resist and dissent against ALL of the global enslavement, ALL of the endless wars of aggression, "the supreme international crime" under BOTH international AND U.S. law(s), ALL of the mass-murder flowing therefrom, ALL of the human rights violations, ALL of the war crimes, ALL of the crimes against humanity, ALL of the crimes against the peace, and ALL of the crimes against the earth and its many other innocent, defenseless inhabitants!!

Set us free with NOTHING BUT the truth!!

