Some 15 months after the National Security Agency, in partnership with the FBI, began investigating a major breach of its digital surveillance technology by a group called the Shadow Brokers, the spying agency still does not know whether it is a victim of external hacking or a true leak, or whether the culprits are agency insiders or working for another government or some combination thereof. Indeed, as an extensive New York Times report published Sunday explains, the Shadow Brokers breach "far exceeds" the revelations of NSA whistleblower Edward Snowden, who in 2013 exposed the agency's complex, invasive mass surveillance of American citizens.
The distinction between the two breaches is one of kind, not degree:
Mr. Snowden's cascade of disclosures to journalists and his defiant public stance drew far more media coverage than this new breach. But Mr. Snowden released code words, while the Shadow Brokers have released the actual code; if he shared what might be described as battle plans, they have loosed the weapons themselves. Created at huge expense to American taxpayers, those cyberweapons have now been picked up by hackers from North Korea to Russia and shot back at the United States and its allies. [The New York Times]
As a result, businesses, hospitals, and millions of ordinary people around the world have been victimized by NSA-created ransomware, which takes control of a user's computer and demands payment to restore data access. In the meantime, Shadow Brokers has accompanied the breach with online taunts of the NSA's investigatory failures, and morale at the agency is low as internal scrutiny continues. Read the full Times report here.