PARIS (AP) — The leak of what purports to be a National Security Agency hacking tool kit has set the information security world atwitter — and sent major companies rushing to update their defenses.
Experts across the world are still examining what amount to electronic lock picks. Here’s what they’ve found so far.
WHAT’S IN THE RELEASE?
The tool kit consists of a suite of malicious software intended to tamper with firewalls, the electronic defenses protecting computer networks. The rogue programs appear to date back to 2013 and have whimsical names like EXTRABACON or POLARSNEEZE. Three of them — JETPLOW, FEEDTROUGH and BANANAGLEE — have previously appeared in an NSA compendium of top secret cyber surveillance tools.
The auctioneers claim the tools were stolen from the Equation Group, the name given to a powerful collective of hackers exposed by antivirus firm Kaspersky Lab in 2015. Others have linked the Equation Group to the NSA’s hacking arm, although such claims are extraordinarily hard to settle with any certainty.
The leaked tools “share a strong connection” with the Equation Group, Kaspersky said in a blog post late Tuesday. The Moscow-based company said the two used “functionally identical” encryption techniques.
The leaked tools also appear to be powerful, according to a running analysis maintained by Richmond, Virginia-headquartered Risk Based Security. The group said several of the vulnerabilities targeted by the malware — including one affecting Cisco firewalls — were previously unknown, a sign of a sophisticated actor.
Security and networking companies scrambled to investigate the flaws exposed by the auction. Cisco Systems, Inc. issued an urgent update to its software late Wednesday. Fortinet, Inc., a Sunnyvale, California-based security company, also said it was investigating.
Nicholas Weaver, a researcher at the International Computer Science Institute in Berkeley, California, said that the news was terrible for the NSA no matter the circumstances behind the leak because companies like Cisco guard critical U.S. infrastructure.
“If the NSA discovered breach in 2013 and never told Cisco/Fortinet, this is VERY BAD,” he said in a message posted to Twitter. “If they didn’t know, this is VERY BAD.”
The NSA has not returned repeated messages seeking comment.
WHO IS BEHIND THE LEAK?
The documents have been leaked as part of a surreal online auction by a group calling itself “Shadow Brokers.” Their madcap, Borat-like manifesto rails against the “Wealthy Elite” and the group’s name appears to be a nod to the “Mass Effect” series of video games, where an elusive Shadow Broker traffics in sensitive information.
Few take the name or the manifesto at face value. Many have floated the possibility of Russian involvement, a theory that received unexpected support when NSA leaker Edward Snowden endorsed it on Twitter.
In a series of messages, Snowden wondered aloud whether the server the data was stolen from might be linked to a U.S. attempt to influence a foreign election. That would be a politically charged development in the context of recent allegations that Russia is trying to tamper with America’s presidential campaign.
The leak looks like a warning that any attempt to point the finger at Moscow over alleged electoral interference “could get messy fast,” Snowden tweeted. He did not return messages seeking further comment.
Comae Technologies founder Matt Suiche said the theory of a disgruntled insider couldn’t be ruled out.
In a blog post, Suiche said he’d been contacted by a former NSA analyst who pointed out that the tools leaked online normally resided on a segregated network and that the way they were named suggests the data was copied direct from the source. Suiche cautioned it was just a theory.
“We’ll never know,” he said in a message to AP.
Repeated emails and online messages seeking comment from the Shadow Brokers went unreturned.
HOW DOES THE AUCTION WORK?
Shadow Brokers have already published much of the data they claim to have. The rest — “the best files” — will be released, they claim, to whoever wins the auction.
The content of the files is secret, the group said in its announcement. So too is the length of the auction, which it said would end, in its signature broken English, “when we feel is time to end.”
Many dismiss the auction as a stunt.
Hopeful bidders have been invited to send bitcoins — the borderless electronic currency — but as of late Wednesday the address specified by the group had only gathered 1.72 bitcoins, or $981.
It’s more than pocket change. But the group’s stated goal is 1,000,000 bitcoins, or $570 million.
This story has been corrected to show the reference should be to a former NSA analyst, not a former NSA hacker.
LOS ANGELES (AP) — “Mr. Robot” is now a video game.
A fake messaging app inspired by the USA Network hacker drama was released Wednesday for mobile devices.
“Mr. Robot:1.51exfiltratiOn” casts players as a stranger who finds a mysterious smartphone and begins communicating with the show’s characters through an app published by the fictional E-Corp.
The game was developed by “Oxenfree” creators Night School Studio and published by Telltale Games. The app’s developers worked on “1.51exfiltratiOn” with “Mr. Robot” creator Sam Esmail and show writer Kor Adana.
“Working hand in hand with Sam, series writer Kor Adana and Universal Cable Productions, we’ve created an opportunity for players to meaningfully interact with characters like Elliot, Darlene and Cisco, truly feeling like they’re joining the hack at a critical moment in the TV series,” said Night School Studio co-founder Sean Krankel. “As fans, it’s nothing short of a dream come true for us.”
The developers say the game takes place over the course of a week.
The popular moody hacker series stars Rami Malek as anti-social computer programmer Elliot Alderson and Christian Slater as the cryptic Mr. Robot. The show is currently in its second season.
NEW YORK (AP) — A Virginia man who scaled the all-glass face of Trump Tower last week using suction cups planned his climb, ordering equipment on Amazon, practicing ahead of time and waiting until his parents were away before traveling to New York City, according to prosecutors.
Stephen Rogata, 19, dressed in blue hospital garb, answered a judge’s questions but made no other comments during his court appearance Wednesday via video linkup from a Manhattan psychiatric hospital.
“This was a well-thought-out, planned stunt,” said Pierre Griffith, an assistant district attorney, noting Rogata waited until his parents went on vacation before driving from Great Falls, Virginia, to New York ahead of the Aug. 10 climb.
Rogata’s hourslong climb of Donald Trump’s 58-story namesake Manhattan skyscraper was streamed live by various news organizations and bystanders who watched gleefully as he slowly ascended floor after floor using a harness and climbing ropes.
At one point, a laptop he was carrying in his backpack fell out, crashing on the ground below as he plodded along from a fifth-floor atrium to the 21st floor, where he was hauled in through an open window by police detectives, Griffith said.
Rogata also politely rejected a police detective’s efforts to persuade him to end his efforts, saying, “No, thanks, I don’t want the rope,” when the investigator lowered a line down for Rogata to attach himself to, Griffith said.
Rogata’s attorney, Tara Collins, said her client was receiving much-needed mental health treatment.
“At best he was doing something profoundly stupid,” she told the judge, noting he made no threats and was hoping to sit down with someone “he could never meet.”
Trump Tower is home to the Republican presidential candidate’s campaign headquarters, his business empire and his personal residence. He was not in the tower on the day of Rogata’s climb.
Rogata was held on $10,000 bail following an arraignment on four misdemeanor charges, including reckless endangerment and trespassing.
After he was arrested, Griffith said, Rogata told a police officer that he had practiced using the suction cups on a three-story building in Virginia, scoped out Trump Tower ahead of his climb and intended to get to the roof.
“I want to get a message to Donald Trump,” he told a Secret Service agent at the hospital, according to Griffith. The content of the message was unclear.
Rogata, whose birth name is Michael Joseph Ryan, ran away from home in 2014 after his internet privileges were revoked for spending too much time on a “blog on government issues in the United States,” according to a police report in Fairfax County, Virginia.
His father, a career Navy officer, and his mother, a New Jersey native, were with their son and coordinating his treatment back in Virginia, said Collins, noting there “is concern of an ongoing or burgeoning mental health issue.”
NEW YORK (AP) — AT&T is joining Verizon in raising the prices of some of its data plans.
As with Verizon, AT&T is going to great lengths to avoid calling the changes a price hike, as the higher prices come with more data, reducing the cost per gigabyte for many customers. Indeed many customers will benefit, and those who won’t can keep their existing plans.
The price increase underscores how wireless companies see data as a way to boost revenue. Most plans now come with unlimited calls and texts.
The new rates take effect Sunday. AT&T customers who want to keep their existing plans don’t need to do anything. They can still add lines to their account, but won’t be able to change data levels without switching to the new rates.
AT&T’s efforts to simplify its plans include standardizing the “access charge” that customers pay on top of data charges. That’s the voice and text portion of the monthly service bill. Now, customers will pay $20 a month per line, unless they still have a discounted phone under two-year contracts, which wireless companies are phasing out. Before, the access charge was $25 for smaller data plans and $15 for larger ones.
Customers on larger data plans will now pay more for access, but will get comparable or greater reductions in the data rates. In fact, families on plans of 20 gigabytes or more will likely see significant reductions in their phone bills.
That’s not the case with smaller plans, as phone companies try to push customers into larger tiers to boost revenue. Those on smaller data plans will generally pay $10 a month more for data, offset by a $5-per-line reduction in the access charge. That’s a net increase of $5 for individuals, though those prices come with at least 20 percent more data.
But there’s one case where customers get less. For $30, customers used to get 2 gigabytes of data. Now, that price comes with 1 gigabyte. Those customers will still benefit from the $5-per-line reduction.
Regardless of the data level, Dallas-based AT&T Inc. is eliminating charges for exceeding monthly data caps, at least for those who do switch to the new rates. The charge was typically $15 per gigabyte over. Now, AT&T will slow down speeds instead after the cap is reached. The slower speeds will be fine for email and basic status updates on Facebook, but photos will be difficult and streaming video nearly impossible.
Verizon also eliminated charges for exceeding caps when it raised prices last month, though for those on smaller data plans, customers have to pay a $5 a month “safety” fee to avoid such charges. There’s no extra fee with AT&T. Sprint and T-Mobile also slow down speeds instead of charging for exceeding caps, without imposing any safety fee.
Last year, T-Mobile raised its rates as well, while calling them greater values with more data.
COLUMBUS, Ohio (AP) — After a hefty piece of stone molding fell from the brick exterior of Ohio University’s football stadium onto a sidewalk, other similar moldings have been removed as a precaution and work is underway to stabilize the wall before the team’s home opener in early September.
No one was hurt when the 8-inch-thick piece — measuring about 2 ½ feet by 4 feet — evidently crashed down at the southwest corner of Peden Stadium from a part of the stands that was built in 1929, the school said in a statement. A door and a cabinet of audio and video equipment were damaged.
The school said the support system underneath the stone molding apparently failed, and areas around some of the stands were blocked off as a safety precaution after the fallen stone was discovered the morning of July 27. University officials think the piece fell that morning or the previous night and aren’t aware of anyone having been around when it happened, spokesman Dan Pittman said in an email.
A structural engineer subsequently inspected the masonry on the stands and recommended taking off the remaining stone moldings and making interim repairs, according to the university. It said those changes, slated to be done before the Bobcats face Texas State on Sept. 3, are expected to cost about $202,000.
The university plans to start construction in March on a long-term repair that is yet to be designed but would be scheduled for completion by this time next year. A contractor hasn’t been chosen for that design and repair work, so the cost for that hasn’t been determined, Pittman said.
OU wasn’t aware of any previous concerns raised about the integrity of the stadium masonry and no similar masonry failures have happened there previously, Pittman said.
The repair work hasn’t affected athletic practices or other activities, he said.
BERLIN (AP) — A top German politician has received applause — and some criticism — after making an unambiguous gesture of disdain toward far-right protesters.
A video posted online late Tuesday shows Vice Chancellor Sigmar Gabriel flipping the bird at a group of neo-Nazis in the central German town of Salzgitter on Friday.
The clip shows about 10 far-right protesters holding placards accusing Chancellor Angela Merkel’s deputy of being a “race traitor” and praising Gabriel’s late father, a committed Nazi.
At first, the leader of the center-left Social Democratic Party is seen laughing at the demonstrators before raising his middle finger and turning away. While some on social media criticized Gabriel for his coarse reaction, many praised the gesture, with one user on Facebook commenting: “I can’t like that often enough.”