A cache of powerful computer espionage tools used by the National Security Agency was recently online, suggesting the NSA itself was hacked and the tools stolen.
Edward Snowden — the former NSA contractor who exposed the agency’s surveillance practices in 2013 — took to Twitter on Tuesday to discuss the leak.
Snowden said the most notable thing wasn’t that the NSA was hacked but that the hack has now been publicized. Following is Snowden’s series of tweets.
1) NSA traces and targets malware C2 servers in a practice called Counter Computer Network Exploitation, or CCNE. So do our rivals.
— Edward Snowden (@Snowden)
3) This is how we steal their rivals' hacking tools and reverse-engineer them to create "fingerprints" to help us detect them in the future.
— Edward Snowden (@Snowden)
5) Knowing this, NSA's hackers (TAO) are told not to leave their hack tools ("binaries") on the server after an op. But people get lazy.
— Edward Snowden (@Snowden)
7) Why did they do it? No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack.
— Edward Snowden (@Snowden)
9) This leak is likely a warning that someone can prove US responsibility for any attacks that originated from this malware server.
— Edward Snowden (@Snowden)
11) Particularly if any of those operations targeted elections.
— Edward Snowden (@Snowden)
13) TL;DR: This leak looks like a somebody sending a message that an escalation in the attribution game could get messy fast.
— Edward Snowden (@Snowden)
