By Jef Cozza / CIO Today. Updated January 15, 2017.
Network security is about to get a lot more complicated for enterprise IT departments. Numerous hacking tools believed to be designed by the National Security Agency (NSA) just hit the Internet, available at no charge to anyone who wants to download the files. The tools include 61 files that appear to target Windows machines.
The release of the hacking tools comes courtesy of the hacking collective calling itself the Shadow Brokers. The group previously announced that it planned to sell the tools to the highest bidders, but appeared to have backed off that plan after the sale failed to attract enough interest. The group had originally requested at least 10,000 bitcoins -- the equivalent of about $8.2 million -- in exchange for access to the files.
'TheShadowBrokers Is Going Dark'
However, on Thursday, the group announced in a post written in broken English that it was ceasing its operations and would be going dark.
"TheShadowBrokers is deleting accounts and moving on so don't be trying communications. Despite theories, it always being about bitcoins for TheShadowBrokers," the group said in its final post. "You are being disappointed? Nobody is being more disappointed than TheShadowBrokers."
The post did not make it immediately clear why the group has decided to close its doors, although it did make reference to "political talk" and the increased risk inherent in its involvement with high-profile hacking cases.
While it is impossible to say for sure where the Shadow Brokers obtained the tools, samples of the malware files released by the group in August appeared to match programming code that had been obtained by whistleblower Edward Snowden while working for the NSA, although he never released the files.
The tools are believed to have been designed by an outfit known as The Equation Group, itself a hacking team believed by many experts to be supported by the NSA.
A Digital Cold War
However, this may not be the end of the Shadow Brokers. The group said that it still has additional exploits and stolen passwords that it's holding in reserve, which the group may release at a later date if it's not paid to keep them off the market.
As for why the group is surrendering its most powerful tools now, intelligence experts quoted in press reports said that the move makes sense if the group is connected to Russian intelligence agencies. According to this theory, the release is a sort of warning from the Russian government to the new U.S. administration not to escalate the ongoing cyber conflict between the two nations.
Another infamous hacker believed to be tied to the Russian government, Guccifer 2.0, also made an announcement the same day as the Shadow Brokers released the malware tools. Guccifer’s post denied reports from U.S. intelligence agencies that he or she is a Russian agent. Guccifer is the hacker who claimed responsibility for hacking into the emails of Democratic presidential candidate Hillary Clinton and transmitting them to Wikileaks.