Former National Security Administration tech expert tells all.
Another day, another news headline concerning hacking of US government accounts, this time with software that specifically targeted Macs and Apple devices, long known for their lower susceptibility to viruses and malware. From the Office of Personnel Management hack in 2015, which exposed the complete identities of more than 21 million government employees and their connections, to the highly controversial Democratic National Committee (DNC) hack during the election, which leaked emails and voter records, the government has quite the security problem.
A new report is shedding some light on the culprit, or more accurately, on what tools the culprits are using. The OPM breach was believed to be the work of state-sponsored foreign operatives, but which state? Investigators initially blamed China for ordering the breach, but then some Russian hacking firms looked more likely. Blame for the DNC hacking has been squarely dropped on the shoulders of Russia all along, specifically on a group known as Fancy Bear, to which Putin has long had connections.
But what method did these groups deploy in order to infiltrate what are supposed to be some of the most secure computers in operation? According to a former National Security Administration tech expert, it looks an awful lot like some software the US government bought years ago in order to do a little hacking itself.
The plot thickens…
Thomas Fox-Brewster for Forbes outlines the discovery made by Patrick Wardle, the ex-employee who is now head of research at Synack. Like many other interested parties, Wardle found the malicious code online after the contents of the DNC hack were dumped on the internet via Wikileaks. He is certain beyond a shadow of a doubt that the code Russian hackers used to break into the DNC computers is the same malware – minus a few deleted, useless functions – that the US government bought from Italian software firm Hacking Team.
Why is the US government buying malware abroad? Do you even need to ask? The more interesting question to ask is why Hacking Team sold it to the US government and to the Russian government.
According to Fox-Brewster’s report, “Hacking Team, a so-called ‘lawful intercept’ company whose emails and files were dumped on Wikileaks after a breach in 2015, sold to both America and Russia. It was a provider for the FBI from 2011, selling as much as $775,000 in surveillance tools, though the feds found limited use for them. The DEA [Drug Enforcement Administration] and the DoD [Department of Defense] were also customers, spending $567,000 and $190,000 respectively. Emails indicated it demoed and sold kit to the FSB too, spending as much as $450,000 via research center Kvant. And in leaked emails an employee from Hacking Team’s chief Israeli surveillance partner NICE noted the FSB was particularly interested in infecting Apple Macs.”
There are some old adages about your actions coming home to roost, or karma coming back to bite you in the… never mind the rest. The only surprising thing about this discovery is that the victims of the hacking seem so shocked that it happened.