Insecurity Are Us: Why the NSA Breach Has Harmed Everyone

The NSA, presumably the most stalwart of the United States’ cybersecurity organizations, was infiltrated by a group know as the Shadow Brokers over a year ago. The group stole the NSA’s hacking tools, and provided them to everyone for money. State-sponsored hacking never had it so easy.

These hacking tools are causing miilions, if not billions, of dollars of harm all over the world, including small businesses and individuals. The recent cryptoware WannaCry was spread worldwide by use of the NSA’s lost tools:

Millions of people saw their computers shut down by ransomware, with demands for payments in digital currency to have their access restored. Tens of thousands of employees at Mondelez International, the maker of Oreo cookies, had their data completely wiped. FedEx reported that an attack on a European subsidiary had halted deliveries and cost $300 million. Hospitals in Pennsylvania, Britain and Indonesia had to turn away patients. The attacks disrupted production at a car plant in France, an oil company in Brazil and a chocolate factory in Tasmania, among thousands of enterprises affected worldwide.

New York Times, Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core. By SCOTT SHANE, NICOLE PERLROTH and DAVID E. SANGER NOV. 12, 2017 

It gets worse:

…they have a new suite of tools and vulnerabilities in newer software. The possible targets include Microsoft’s Windows 10, which was unaffected by the initial attack and is on at least 500m devices around the world.

The Guardian, Shadow Brokers threaten to unleash more hacking tools – Samuel Gibbs, May 17, 2017 07.56 EDT

And they don’t have a clue who they are:

Fifteen months into a wide-ranging investigation by the agency’s counterintelligence arm, known as Q Group, and the F.B.I., officials still do not know whether the N.S.A. is the victim of a brilliantly executed hack, with Russia as the most likely perpetrator, an insider’s leak, or both.

Imagine if Apple provides a “back-door” to law enforcement agencies in response to isolated incidents of terror. The NSA can’t even keep their tools safe. Do you think the FBI, New York State Police or Sherriff Andy Taylor would be able to keep these vulnerabilities out of everyone’s hands?

Vulnerabilities exist. They always have, and they likely always will. The way to privacy and security for all is to guard against any attempt to weaken security endeavors.

Apple’s business model does not include selling their customer’s personal information. Nor does most open-source software companies (like Firefox). Facebook, Google, and others harvesting data and building extensive dossiers on every single user of their services. The data is shared with their clients for highly targeted advertising and other uses. Think that data is safe? Think it already hasn’t been used against your best interests?