KTEP - El Paso, Texas

NSA's Hackers Were Themselves Hacked In Major Cybersecurity Breach

Nov 14, 2017
Originally published on November 14, 2017 5:51 am
Copyright 2017 NPR. To see more, visit http://www.npr.org/.

DAVID GREENE, HOST:

And let's talk now about an extraordinary security breach at the NSA. A group known as The Shadow Brokers have stolen sophisticated tools the agency uses to penetrate computer networks. In other words, the NSA's own hackers have been hacked, it appears. This all began last year, and it looks like The Shadow Brokers have tried to sell some of the NSA's cyberweapons. Matthew Olsen worked at the NSA as general counsel. He was later director of the National Counterterrorism Center. He's in our studio this morning. Thanks for coming in.

MATTHEW OLSEN: Thanks for having me.

GREENE: So who are The Shadow Brokers?

OLSEN: You know, The Shadow Brokers is, you know, as the name implies, a very shadowy group of hackers, and apparently very sophisticated hackers. We don't know, though, exactly who they are or even where they are.

GREENE: You don't know, and presumably the NSA has not been able to figure this out, which is part of the alarm here.

OLSEN: It certainly is part of the ongoing investigation - find out who these folks are, how they got these tools, where the tools came from. Remember, this is an ongoing investigation, and at this point, nobody's been identified as who those hackers are.

GREENE: So this could be a foreign government. This could be just some hackers who wanted to get this stuff. This could, in theory, involve employees at the NSA itself. I mean, a lot of possibilities here.

OLSEN: Lots of possibilities, lots of speculation. But the, you know, one of the main candidates is possibly a foreign government because of how sophisticated these hackers appear to be.

GREENE: And what exactly are the tools that they have been able to steal?

OLSEN: Yeah. It's exactly as you said, David. Very sophisticated, very sensitive, high-end, really weapons-grade computer code. These are hacking tools that are used to get around firewalls, to defeat anti-virus, to get into computer systems. They're exactly the kind of tools that nations build in order to exploit communications.

GREENE: You said weapons-grade. I mean, help people understand, you know, what a cyberweapon is as opposed to a more traditional weapon.

OLSEN: Yeah. Well, there's lots of hackers out there. We all hear about hackers and cyberattacks all the time, but there's levels of gradation in terms of how sophisticated those types of weapons are, those types of attacks are. Code like this that's used to break into very sophisticated and well-defended computer systems, that takes years and years to develop, and lots and lots of money and very, very sophisticated computer scientists and engineers. And that's what's so troubling here, is that apparently these tools have now fallen into the wrong hands.

GREENE: OK. So I don't want to speculate too much, but you say that there's the possibility that this is a foreign government. We've heard all about, you know, Russia's capabilities and other nations. If a nation like Russia had these tools, what could they do with them and how damaging could it be to U.S. national security?

OLSEN: Well, the really dangerous thing now is that these tools are out in the wild. So what we're seeing, and we've seen this over the last year, is that these tools are being used to facilitate computer attacks. So we saw ransomware attacks earlier this year that affected millions of people.

GREENE: Using these tools.

OLSEN: Using these tools to really advance the attacks, really to carry out these exploits.

GREENE: There were some hospitals in Britain, I think, that were turning away patients because of one of these attacks.

OLSEN: Exactly right. So they're used - they've been used also to go after really critical organizations like hospitals both here in the United States and in Europe. And so now these tools that were really possibly just in the hands of a very small number of people, inside governments, are now out and available on the internet. So, you know, pretty much anyone who's sophisticated can now get access to them.

GREENE: A lot of people hear NSA, and they think about the name Edward Snowden and that leak. People are suggesting this might be far worse than that in terms of the credibility of the agency and also the potential damage. Is that true?

OLSEN: It does seem like that's potentially true. I mean, Edward Snowden did damage, no doubt. He talked about programs that had been classified and were secret and gave insights to our adversaries about those programs. But this could be worse in the sense that this isn't just about the programs generally, but it's the computer code, the actual weapons, the actual information that can be used to carry out attacks. And so that's why it's potentially even worse.

GREENE: I think Americans like to think of their government being very good at counterterrorism, very good at intelligence, and they would wonder, how in the world could this happen, how in the world does it keep happening?

OLSEN: So our government is very good at this, and very good at defending information and also collecting foreign intelligence. I mean, take a step back and remember NSA's job is to go out around the world and collect foreign intelligence, identify the communications of our adversaries, terrorists, other nations and pull in those communications. But that job has gotten a lot harder in the digital age. This is not James Bond picking up a single digital cassette tape, for example. This is trying to find signals around the world and pick those up in this vast digital noise, and they're very, very good at it.

GREENE: Just briefly, how bad is morale right now inside the agency?

OLSEN: Yeah, I can understand the concern about morale in the agency, but I worked with these folks. These are some of the most dedicated and most brilliant people I've ever worked with. They are only going to redouble their efforts, I think.

GREENE: Matthew Olsen was the general counsel at the NSA, former director of the National Counterterrorism Center, talking to us about a significant hack of the agency that they're confronting right now. Thanks for coming in. We appreciate it.

OLSEN: Thanks for having me, David. Transcript provided by NPR, Copyright NPR.