I downloaded all of the recent NSA and CIA leaks and browsed through them. With the exception of the leak that contained the exploit which has led to the current outbreak of ransomware, all of them were pretty tame. The CIA one didn't contain anything sensitive that could be used by attackers; it was just documentation on some of their tools, no actual content. The other NSA leaks did contain some exploits that are technically zero days, but they were all for very old software and operating systems that are not widely used anymore, certainly not for anything important.

Without going into the actual content of the leaks, I find it worrying that so much has come out recently. There is no doubt that we're getting the NSA's breadcrumbs, and these leaks have not contained the most serious exploits in their arsenal. After Stuxnet happened, several people within the NSA claimed that they had the capability to pretty much wipe out Iran's entire infrastructure. What is going to happen if another batch of leaks comes out containing a bunch of zero days that would affect industrial control systems? Rather than some older Windows computers being encrypted, we could see water supplies being cut off globally instead.

Is there even anything that can be done to stop something like that happening?

4 comments

[–] pembo210 4 points (+4|-0) Edited

It would have been nice if the NSA would have told us how to defend against its stuff once they went public. Taxpayers basically paid for these tools to be developed and now they're being used against us. I'm not happy about it.

[–] xyzzy 2 points (+2|-0)

> It would have been nice if the NSA would have told us how to defend against its stuff once they went public.

The reasonable thing would be to inform the software vendor of the security hole, so it would be fixed by the time it gets public and all the updated computers would be safe. But no, every intelligence agency in the world is hoarding 0days.

[–] [Deleted] 3 points (+3|-0)

Good questions. I think the current path people are on could use a rather large hiccup. Hopefully not water supplies cut off but anything worth doing is worth doing fully.

[–] PMYA [OP] 3 points (+3|-0)

Some industrial control systems are actually connected to the internet.

An automated attack on a widely used piece of hardware could take out god knows what. Even worse, some of these things will undoubtedly be connected to a central control system, similar to what happened with the Dallas siren incident.