New leak suggests NSA penetrated Mideast banking networks

Remigio Civitarese
April 16, 2017

An email to the NSA's press office has not been returned.

SWIFT said it regularly releases security updates and instructs client banks on how to handle known threats.

SWIFT said it had no evidence that the main SWIFT network had ever been accessed without authorization.

The Shadow Brokers released their latest and most substantial trove of documents early Friday morning. They are republished from a number of sources, and are not produced by MintPress News.

"That's information you can only get if you compromise the system", he said.

"We now have all of the tools the NSA used to compromise SWIFT (via) Cisco firewalls, Windows", Suiche said.

Since the early 1990s, interrupting the flow of money from Saudi Arabia, the United Arab Emirates, and elsewhere to al Qaeda, the Taliban, and other militant Islamic groups in Afghanistan, Pakistan and other countries has been a major objective of U.S. and allied intelligence agencies.

The leaked files show the NSA was allegedly targeting EastNets in Dubai, Belgium, and Egypt.

Mustafa Al-Bassam, a computer science researcher at University College London, said on Twitter that the Shadow Brokers documents show that the "NSA hacked a bunch of banks, oil and investment companies in Palestine, UAE, Kuwait, Qatar, Yemen, more".

Reuters was not able to independently verify the authenticity of the documents released by the hackers.

According to security researcher and hacker Matthew Hickey, co-founder of Hacker House, the significance of what's now publicly available, including "zero day" attacks on previously undisclosed vulnerabilities, cannot be overstated: "I don't think I have ever seen so much exploits and 0day [exploits] released at one time in my entire life", he told The Intercept via Twitter DM, "and I have been involved in computer hacking and security for 20 years".

Matt Suiche, founder of cybersecurity firm Comae Technologies, wrote in a blog post that screen shots indicated some SWIFT affiliates were using Windows servers that were vulnerable at the time, in 2013, to the Microsoft exploits published by the Shadow Brokers.

Numerous Windows hacking tools are also among the new batch of files the Shadow Brokers dumped Friday. The Intercept matched a unique tracking code in one of the document dumps to a previously unreleased document from Edward Snowden's NSA leaks, providing credibility for the Shadow Brokers' wares. This suggests the document dump could be a retaliation by the Russian Federation (if the Shadow Brokers are indeed a front for Russia) for recent U.S. military actions.

Back in August, the group released a bunch of hacking tools, and on Friday it released another bunch of "really fantastic stuff", according to Nicholas Weaver, a computer security researcher at the International Computer Science Institute in Berkeley, writing on the blog Lawfare.

That may indicate that the documents, if they are authentic, are older.

In response to a question about how the company is addressing the issue, a Microsoft spokesperson said, "We are reviewing the report and will take the necessary actions to protect our customers".
