Since August 2016, the National Security Agency has suffered a continual stream of devastating failures. Their internal hacking group, known as Tailored Access Operations (TAO), was breached 15 months ago by hackers calling themselves the “Shadow Brokers,” which has been dribbling out the contents of the NSA’s most prized hacking tools. The result has been a wave of internet crime — ransomware, lost files, and network attacks that disrupted businesses and cost hundreds of millions of dollars.
And as this New York Times story illustrates, the agency has been completely incapable of figuring out how the breach happened. Their computer networks could have been penetrated, or they could have someone on the inside leaking the tools. But after more than a year, they have not been able to plug the leak. It’s long past time the NSA was forced to stop hacking, and to start protecting the American people from the sort of tools they create.
At the time of the leak last year, I speculated that the NSA was exposing the American people to online attack, but I was not prepared for how bad it would be. Several huge ransomware attacks (in which a computer is infiltrated, its hard drive encrypted, and the de-encrypt key held for a bitcoin ransom) using NSA hacking tools have swept the globe, hitting companies like FedEx, Merck, and Mondelez International, as well as hospitals and telecoms in 99 countries.
Cyber weapons are different, because they are implicitly revealed, and available for manufacture and deployment, by the target once they are years.
Would it make sense to send drones after ISIS/ISIL/Daesh/Whatever if in so doing, they would be able to deploy drones against targets in the US?
This is how cyber works.