Who’s really behind the DNC/NSA hacks? Russia, Snowden, independent hacker, or hybrid of all three?

// August 17th, 2016 // Hacking and Security

Who’s really behind the DNC/NSA hacks? Russia, Guccifer, Snowden, or hybrid of all three?

Regardless of whether you consider Edward Snowden’s leaks of classified information to be self-sacrificial acts of patriotism or the deeds of a traitor, the recent DNC data dump and NSA cyber weapons malware (milware?) code drops have all the markings of a Snowden escapade. If you disagree, consider the timing of the code drop and who has the most to gain.

NSA code leak – conventional theories

Most believe the NSA code drop were the actions of either the Russians, an independent hacker (i.e. Guccifer 2.0), or the Russians pretending to be an independent hacker collective (i.e. The Shadow Brokers). The Russians, they theorize, are attempting to influence the Clinton/Trump presidential election via the DNC data dumps with the NSA code drop added to the mix as a “threat” to US intelligence agencies.

The Russians

If the Russians stole the weaponized malware, you can be certain the US government knows who did it. With the code in hand for three years, the Russians would have countered the attack vectors and the United States would have recognized quickly. Also, the US government would not pass up the opportunity to shift blame to the Russians if they were certain they were the culprits.  However, even though the Russians may not have stolen the code, they could have played a role in the leak…

Guccifer 2.0

Guccifer, the notorious, unidentified hacker believed to be from the Eastern Bloc, takes great care to point out that he’s not Russian. This of course leads many to believe he is indeed Russian (or more likely, a Russian hacker collective). However, all indications hint that Guccifer favors Clinton. And you can’t help but notice Guccifer did not take credit for the hack.

Alternative “what if” theories

A US inside job

Some are theorizing the NSA code was dropped by the United States themselves. This seems unlikely but you can’t help but wonder if the US is not itching for a reason to go after Russia who lately, seem to be growing too big for their britches. A drop of outdated code is not out of the question – but unlikely.

An insider job

Somewhat related but more likely, the pilfered code was an insider job. The NSA codebase would naturally be locked down tightly – almost certainly not accessible on a network and definitely not reachable via the Internet. The only way to gain access to the code, an air-gap type attack vector notwithstanding, would be from the inside. Again though, why was it held for so long before being released?

The timing of the NSA code drop

It’s currently unknown why the NSA code was leaked. Possibly it was being used by the perpetrators and as new routers hit the market, has outlived its purpose.

Possibly the NSA code was released in order to embarrass the United States. The code’s footprint has already been tied to prior hacks suspected to be of US origin. This could have stunning ramifications for the United States. And of course the US and Russia have been going tit for tat over cyberwarfare for a few years now.

The NSA malware may have been dropped to neuter the attack vectors. The free dump was mostly binary code and where possible, manufacturers are already scrambling to patch their devices quickly (if the spyware  has not already been rendered ineffective thru prior firmware patches, which I suspect it has).

Most likely however, it a combination of all three. The code was utilized and is no longer as effective. Russia lobs another shot at the US to neuter the code once and for all. If Snowden has possessed the code all along, it would be easy enough for Russia to influence Snowden’s release of NSA spy tools.

Could the NSA code drop be an Edward Snowden escapade?

When the NSA code dropped, Snowden was quick to implicate the Russians, an unusual action given the hospitality (i.e. asylum) they’ve offered Snowden. However, Snowden’s statements as a diversion tactic make perfect sense. Snowden was a CIA insider at one time with access to secure code. He’s proven to have leaked NSA information and is suspected of leaking NSA code before (e.g. 2014 XKeyscore).  By all means, he should be the number one suspect.

The NSA code is three years old and has certainly been modified extensively since then. Thus, we can assume it was likely stolen three years prior. This would put the time of theft at the exact moment Snowden stole government assets and fled the country. Not about the same time or in the general range, but to the month (May/June 2003). Coincidence? Not likely.

Snowden has said he favors neither Clinton nor Trump (according to him, it’s like choosing between Cholera and the Plague) but which candidate would benefit Snowden, or more importantly, the Russians? Trump has called Snowden a “spy” and said he should be assassinated (not executed, but “assassinated”). However, Trump as president would strengthen Russian ties and possibly impact Snowden’s situation there. Even more likely, a NSA code leak by Snowden could easily have been influenced (read “pressured”) by the Russian government. Russian continues to allow Snowden asylum but we have to consider what they expect from him in return.

Snowden the traitor?

It’s highly unlikely that Snowden is a “traitor”, at least in the traditional sense of the word. It is much more likely that he’s being exploited by the Russians. We have very little communication with Snowden.  Access to Snowden is  tightly controlled even forbidden for journalists in Russia.  It doesn’t matter if Snowden claims he’s perfectly fine, we have little reason to believe he’s not being manipulated by Putin’s heavy hands.





« « Previous Article: Americans are intelligent but history shows they could still elect a fascist, Hitler-like leader     » » Next Article: Calm down everyone – Samsung’s not going to make you send your Note 7 back for repairs.


Leave a Reply

You must be logged in to post a comment.

%d bloggers like this: