The NSA knows its weapons may one day be used by its targets

[InfoSec News <alerts () infosecnews org>]

https://www.cyberscoop.com/nsa-exploits-reverse-engineering-vulnerabilities-equities-process-symantec/

By Shannon Vavra
CYBERSCOOP
May 14, 2019

U.S. military commanders say that when U.S. Cyber Command and the National 
Security Agency use a capability against targets abroad, they understand it 
might eventually be used by an adversary.

The threat of having the NSA's tools leaked has been an issue inside the agency 
for years now -- former NSA contractor Edward Snowden brought it into the 
public domain when he revealed a trove of NSA programs in 2013 -- but the risk 
of having adversaries detect, obtain or reverse engineers NSA-used tools has 
become especially salient in the last week. Researchers from cybersecurity firm 
Symantec revealed that a Chinese-linked hacking group had repurposed tools 
linked with the NSA as early as March of 2016 and used them to attack various 
targets around the world.

Although Cyber Command's Director of Capabilities and Resource Integration, 
Maj. Gen. Karl Gingrich, did not directly address this report, when asked how 
Cyber Command protects tools from being used or acquired by adversaries, he 
said safeguarding them is a "priority... but at the end of the day once you 
have used the tool, it’s out there."

It is unclear how the group -- known as Buckeye -- obtained the tools, but 
Symantec assesses it is possible it observed an NSA-linked attack, then 
gathered enough info to repurpose the code. It is also possible Buckeye stole 
the tools from an unsecured server or leaked the code to the group, although 
Symantec said that was less likely.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_