NSA Hacking Tips Revealed

Hackers have released computer files and documents that provide the framework for how the U.S. National Security Agency (NSA) used weaknesses in the global system’s security to access the same system that’s used to transfer money between accounts. The documents and files indicate how NSA has accessed SWIFT money transfer system via service providers in Latin America and the Middle East and is just one example in a series of recent disclosures in previous months.


Matt Suiche, the founder of cybersecurity firm Comae Technologies, said, “As soon as they bypass the firewalls, they target the machines using Microsoft exploits.” These exploits are basically programs which are designed to take advantage of security flaws and are what hackers use to gain access, eavesdrop, and carry out other hacking tasks. After the leak, users were obviously concerned, but Microsoft assures its customers that these security flaws have now been patched.

SWIFT downplayed the incident and although admitted some banks had been breached, nowhere was the NSA mentioned at all. In a recent presentation released by the hacking group, Shadow Brokers indicates that in breaching the SWIFT system the NSA used a tool name BARGELEE. One slide showed the NSA’s official seal, while another referred to ASA firewalls, where Cisco are the only manufacturers of these. Apparently, there were nine servers in total at SWIFT contractor, EastNets, that were targeted by the NSA, although currently, the company is denying the attack.


The documents also suggest that after the NSA penetrated the firewall of the SWIFT service providers, they then used Microsoft exploits to target any computers that were linked to the SWIFT network. Again, Microsoft is adamant that patches are now in place that has fixed any previous flaws that were exploited by nine NSA programs. Microsoft failed to comment as to how it found out about the exploits. In the past, the company has monitored discussions about exploits on the Internet and hired ex-intelligence agency staff to help protect its software.


More News to Read

Comments

comments