Leaks suggest America's NSA may have hacked global banking system
Hacking group Shadow Brokers have leaked spy tools allegedly created and used by the US National Security Agency (NSA). The security exploits comprise of vulnerabilities in computers and servers running on Windows. Experts say such exploits may have allowed the NSA to secretly monitor financial transactions. The leak, if credible, may be the most significant NSA exposure since the Edward Snowden leaks in 2013.
The leaks suggest the NSA may have used the Windows hacking tools to the global SWIFT financial security system, especially EastNets, an anti-money laundering financial institution. Under a counter-terrorism effort, the US government has for long been given access to financial data through SWIFT. However, the leaked documents show that the methods followed by the NSA went beyond its "official access."
"This is quite possibly the most damaging thing I've seen in the last several years," said security firm Hacker House's founder Matthew Hickey. "This puts a powerful nation state-level attack tool in the hands of anyone who wants to download it to start targeting servers," he added. He said "any attacker can download simple toolkit to hack into Microsoft based computers around the globe."
Hacker House's Matthew Hickey said, "most home users will not be directly impacted by these vulnerabilities… The risk is much bigger to enterprise and businesses who rely on these services to connect online." Quick updates by antivirus like McAfee or Kaspersky should help address the vulnerabilities of your Windows PC, provided they've been installed, said Travis Smith, a Senior Security Research Engineer at Tripwire.
"The Mother Of All Exploits escaped from an NSA laboratory and is wrecking the internet," tweeted Edward Snowden, in a reference to the US military dropping the "Mother of All Bombs" in Afghanistan against ISIS.
A representative of SWIFT said following the leak that there's "no evidence to suggest that there has ever been any unauthorized access to our network or messaging services." EastNets has also disputed the claims made in the leaks saying there's "No credibility to the online claim of a compromise of EastNets customer information on its SWIFT service bureau."
A Microsoft spokesperson said the company is evaluating the leak and will "take the necessary actions to protect our customers." It said no one from the US government or NSA has contacted it regarding the Shadow Brokers leak.