Global Hackers Launch Malware Subscription Service
Shadow Brokers to sell U.S. spy tools, threatening everything from smart phones to nuclear programs
The now infamous hacking group known as Shadow Brokers, which leaked the Windows exploit that led to the WannaCry ransomware disaster, has just announced a new monthly service. It’s a hack-of-the-month club.
For a monthly fee, subscribers will be able to get exclusive access to upcoming leaks, such as:
- Cool exploits for web browsers, routers, and smartphones
- The latest in malicious code for operating systems, including Windows 10
- Special compromised data from banks and Swift network providers
- Exciting network information from Russian, Chinese, Iranian, and North Korean nuclear missile programs
Starting this month, Shadow Brokers will release to its subscribers an exclusive list of advanced zero-day bugs and threats for both desktop and mobile platforms, which it obtained from our own NSA.
But Microsoft will not be invited to join. Instead, Shadow Brokers is looking to attract pedestrian hackers, state-sponsored cybercriminals, cyber gang members, and journalists. The group sees itself not as bad guys, but instead performing what it considers to be a highly moralistic public service: revealing the techniques our own intelligence agencies use on our adversaries and keep hidden from all major software vendors.
The longer these vulnerabilities remain hidden, the greater the cost and effort required to protect against exploits, and the greater the risk of global cyberattacks like the WannaCry ransomware cryptoworm, which has infected over 230,000 computers in 150 countries.
Not to be outdone, WikiLeaks just published a new batch of its ongoing "Vault 7" leak, detailing a CIA project that turns Windows file servers into covert attack machines that infect other computers inside a targeted network.
Since March, Wikileaks has published several batches of the Vault 7 series, which includes two CIA malware frameworks for Microsoft Windows, a tool that embeds web beacons into confidential documents. This allows the tracking of insiders and whistleblowers. Also possible is custom malware that enables the bypassing of conventional antivirus software, malicious code for hacking iPhones and Macs, and the now famous Weeping Angel, which infiltrates smart TVs and turns them into spy cameras.
Regardless of how you perceive these guys, the good news is that at last these vulnerabilities will be made public, and the millions of businesses and institutions all over the world who rely on them to run their operations will be able to patch the holes. After all, it was only through the release by the Shadow Brokers of the EternalBlue exploit and DoublePulsar backdoor, both developed by the NSA, that we could identify the source of the WannaCry worm and get some visibility into the dangers of withholding cybersecurity information from the public.
The U.S. government and tech companies such as Microsoft have been justifiably criticized for not correcting these vulnerabilities when they had the chance, months before their release.
Shadow Brokers has gone beyond mere criticism and has outright accused Microsoft and others, including Google, of accepting government bribes to keep zero-day threats unpatched and unreported. The group further claims it has undercover agents working at several tech companies who are feeding it actionable information regarding the payments.
The veracity of these claims goes to the question of whether you believe this group is operating in its own best interests or in the interests of the United States.
The group might have hurt its credibility in recent weeks by attempting unsuccessfully to capitalize on the stolen knowledge by offering it up on black markets in exchange for Bitcoin. Some will defend that act as a reasonable attempt to get someone to pay Shadow Brokers something for all these "good deeds." But however you slice it, and whichever way you wish to believe, the world is probably better off with a spotlight focused on software vulnerabilities.
It is one thing to spend billions of dollars on cybersecurity defense to assure that we can send email and process payments. It is quite another to assure that we can light and heat our homes, and drink clean water without having to cope with a nuclear aftermath.
By 2020, there will be 200 billion unsecured internet-of-things devices. Will we still be hoarding software vulnerabilities then?
Steve King is the COO and CTO of Netswitch Technology Management.