NSA Hacked: How does it affect your IT Security?


Is the NSA Hacked or hackable?

Everybody talks about NSA hacked these days and last year there was a serious hacking of the NSA by the Shadow Brokers group. There they stole important tools that the NSA used to hack. These, apparently, were forgotten in a server where an NSA worker worked, ending up in the hands of the public a few months later. One of those tools gave rise to WannaCry, a ransomware that sowed chaos in the middle of the year.

NSA Hacked Again: A Serious Security Problem

Now, the NSA has again been hacked by another serious oversight. The company left on a server of Amazon Web Services a virtual disk (a backup of a system) dated 2013. It contained more than 100 GB of data from a computer with the code name “Red Disk”. The operating system used in that virtual disk is a Linux distribution. However, trying to install it does not start because it probably depends on computers and servers inside the Pentagon.

The server, although it was not listed, did not have a password, so anyone with the address could access it. This subdomain had the name of “INSCOM”, an abbreviation of US Army Intelligence and Security Command. It was Chris Vickery, director of cyber risks at Upguard, who discovered this server at the end of September. In turn, he alerted the government in October.

The third time the NSA is hacked

This type of leaks in Amazon servers also happened to the Pentagon, Verizon or the Dow Jones. However, those of the NSA are the most dangerous because they include harmful tools that seek to hack and attack targets. This is the third major leak of the NSA, after that of Snowden in 2013 and that of Shadow Brokers in 2016. No doubt that when the NSA is hacked there are many risks.

The files of this filtration are classified as NOFORN (No Foreign Nationals). This refers to information so sensitive that the United States does not share it with foreign allied countries.

In total, 47 visible files form the data, three of which could be downloaded and showed national security data. The rest of the files could not be downloaded because it was necessary to be inside a Pentagon network to do it.

Among the information present in those files, it was found:

Virtual hard disk with classified communications information at military and state level

Details about the DCGS-A defense platform

Information from Red-Disk, a cloud-based intelligence system to allow soldiers in the field to send classified reports, drone recordings, satellite images, etc. Its cost was 93 million dollars, and the project failed because it was slow, difficult to use, and full of crashes.

Private keys of Invertix, a company that works with INSCOM.

It is not the first time that an attack of this magnitude takes place and will certainly not be the last. However, future attacks will further harm States and increase their problems. That’s why you should always be protected against hackers at all levels.

The NSA already assured that it will correct errors in the future but, can it be trusted after multiple mistakes? We will have to wait until the next attack is not so serious as to harm a country.