A hacker group called the Shadow Brokers have made its name earlier this month by leaking NAS files on Github, exposing a hacking tool that belongs to the NSA’a Tailored Access Operations team. Some informed sources suggest that this leakage may come from an inside source within the NSA.
Security experts speculated that the leaked software may have come with the help of an NSA insider. While the hacking tools were said not to have come from the Snowden’s document cache, they may in fact be associated with another leaker who provided information to Jacob Appelbaum and Wikileaks.
Some security expert debunked the theory that it is Russia that has stolen the hacking tools. Jame Bamford, the author of The Shadow Factory: The Ultra-Secret NSA From 9/11 to the Eavesdropping on America, wrote in a commentary on Reuters that “there seems little evidence backing up the accusation”.
“If Russia had stolen the hacking tools, it would be senseless to publicize the theft, let alone put them up for sale. It would be like a safecracker stealing the combination to a bank vault and putting it on Facebook. Once revealed, companies and governments would patch their firewalls, just as the bank would change its combination.” said Bamford, who is one of commentators that believe the leakage comes from an “insider theft”.
On August 13, 2016, the Shadow Brokers released the leaked files on Github, claiming they came from the Equation Group, an organization linked to the NSA. The files included code allegedly designed to exploit firewalls from American manufacturers Cisco, Juniper and Fortinet . One Chinese company, Topsec, was also an Equation target, according to the leaks.