Image caption (image copyright Getty Images): The NSA is facing criticism for not sharing details of the security flaws with Microsoft
A huge range of security weaknesses, said to be worth over $2m if sold on the black market, have been leaked online.
The tools are said to have been created by the US National Security Agency (NSA), and accompanying documents appear to indicate a possible breach of the Swift global banking system.
Such a hack could have enabled the US to covertly monitor financial transactions, researchers said.
The files were released by Shadow Brokers, a hacking group that has previously leaked malware.
If genuine, it represents perhaps the most significant exposure of NSA files since the Edward Snowden leaks in 2013.
On Twitter, Mr Snowden described it as the "Mother Of All Exploits" - a reference to a bomb recently used by the US military in Afghanistan.
Multiple experts have said this latest "data dump" is credible - though the institutions implicated have dismissed the claims, or refused to comment.
Swift, which is headquartered in Belgium, said: "We have no evidence to suggest that there has ever been any unauthorised access to our network or messaging services."
The BBC is not able to verify the authenticity of the files - and the NSA has not commented on the leak.
Swift was successfully targeted by hackers last year when criminals stole $81m from the Bangladeshi central bank.
Watching the Middle East
Swift is a network that allows global banks to move money around the world.
In the Swift network, smaller banks often make use of service bureaus to handle transactions on their behalf. Documents included in the leak suggest at least one major bureau, EastNets, may have been compromised.
"If you hack the service bureau, it means that you also have access to all of their clients, all of the banks," said Matt Suiche, founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, speaking to Reuters.
Headquartered in Dubai, EastNets has clients in Kuwait, Dubai, Bahrain, Jordan, Yemen and Qatar. Spreadsheets published by Shadow Brokers appeared to list banks that had been breached with "implants" - secret data-gathering software.
Cris Thomas, a security researcher with Tenable, said analysis of the leaked files suggested the US government had the capability "to monitor, if not disrupt, financial transactions to terrorists groups".
In a statement on Friday, EastNets strongly denied the claims.
"The reports of an alleged hacker-compromised EastNets Service Bureau network is totally false and unfounded," a spokesperson said.
"The EastNets Network Internal Security Unit has run a complete check of its servers and found no hacker compromise or any vulnerabilities.
"The photos shown on Twitter, claiming compromised information, is about pages that are outdated and obsolete, generated on a low-level internal server that is retired since 2013."
Windows threat
The files contained several "zero day" exploits - vulnerabilities that were previously unknown to the companies that create the software, or the security community at large.
The zero-days targeted Windows machines, though researchers said none in the cache would be effective against the latest version, Windows 10.
That said, multiple experts said the sheer number of zero days released at the same time was unprecedented. One researcher, speaking to Vice, said the exploits would have been worth more than $2m if sold privately.
In January, a Twitter account believed to be run by the group announced an auction of the exploits, but it appears the group did not find any buyers. The NSA is now facing criticism for not sharing details of the exploits with Microsoft once it became clear the tools were in the hands of a hacking group.
Microsoft said in a statement to the BBC that it was "reviewing the report and will take the necessary actions to protect our customers".