Episode
53: Shadow Brokers
53:04
Published: Tue Dec 10 2019
Description
The NSA has some pretty advanced, super secret, hacking tools. What if these secret hacking tools were to end up in the wrong person’s hands? Well, that happened. Guest Thanks to Jake Williams from Rendition Security for telling us the story. Sponsors This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Chapters
The NSA's ANT catalog contains a list of real hacks, exploits, and cyber surveillance devices that agents can use for certain missions, and was leaked to journalists at Der Spiegel by someone with access to NSA documents.
00:00 - 01:58 (01:58)
Summary
The NSA's ANT catalog contains a list of real hacks, exploits, and cyber surveillance devices that agents can use for certain missions, and was leaked to journalists at Der Spiegel by someone with access to NSA documents.
Episode53: Shadow Brokers
PodcastDarknet Diaries
DRADA offers cloud compliance software to monitor and ensure continuous safety and compliance with various industry standards.
01:58 - 08:38 (06:40)
Summary
DRADA offers cloud compliance software to monitor and ensure continuous safety and compliance with various industry standards. Hacking campaigns are often given unique code names to determine the source of an attack.
Episode53: Shadow Brokers
PodcastDarknet Diaries
The president of Rendition Security, Jake Williams, explains his analysis of Shadowbrokers cyberattack, in which stolen cyber weapons from the NSA were released and auctioned off.
08:38 - 16:33 (07:54)
Summary
The president of Rendition Security, Jake Williams, explains his analysis of Shadowbrokers cyberattack, in which stolen cyber weapons from the NSA were released and auctioned off.
Episode53: Shadow Brokers
PodcastDarknet Diaries
Researchers analyzed the list of IP addresses from the second dump by the Shadow Brokers, which claimed to be servers infected or used by the NSA for launching exploits, and looked for connections with clients through NetFlow data analysis.
16:33 - 20:53 (04:19)
Summary
Researchers analyzed the list of IP addresses from the second dump by the Shadow Brokers, which claimed to be servers infected or used by the NSA for launching exploits, and looked for connections with clients through NetFlow data analysis.
Episode53: Shadow Brokers
PodcastDarknet Diaries
The timing of the Shadow Brokers dumps coincides with periods of Russian hacking being in the news, potentially diverting attention away from the latter.
20:53 - 31:43 (10:50)
Summary
The timing of the Shadow Brokers dumps coincides with periods of Russian hacking being in the news, potentially diverting attention away from the latter. The Shadow Brokers' operations have been suggested to be either a Russian operation or in the interest of Russia.
Episode53: Shadow Brokers
PodcastDarknet Diaries
The transcript discusses the impact of being outed as the Shadow Brokers, including the potential deterrent effect it could have on others who may consider commenting on former NSA employees and the lack of real content in a rewritten article.
31:43 - 37:55 (06:11)
Summary
The transcript discusses the impact of being outed as the Shadow Brokers, including the potential deterrent effect it could have on others who may consider commenting on former NSA employees and the lack of real content in a rewritten article.
Episode53: Shadow Brokers
PodcastDarknet Diaries
The speaker speculates the possibility of US nation-state hackers being indicted, and also discusses the consequences of hackers on the Cyber's Most Wanted list traveling to or through countries with extradition treaties with the US.
37:55 - 43:31 (05:35)
Summary
The speaker speculates the possibility of US nation-state hackers being indicted, and also discusses the consequences of hackers on the Cyber's Most Wanted list traveling to or through countries with extradition treaties with the US.
Episode53: Shadow Brokers
PodcastDarknet Diaries
The hacker who deleted their login events but not their logout events and may have cleared all event logs is believed to be inexperienced in using Shadow Brokers' hacks.
43:31 - 50:29 (06:58)
Summary
The hacker who deleted their login events but not their logout events and may have cleared all event logs is believed to be inexperienced in using Shadow Brokers' hacks. Their intent may be to contest the NSA's most sophisticated hacking group and burn some of their costly exploits.
Episode53: Shadow Brokers
PodcastDarknet Diaries
The leak of hacking tools by the Shadow Brokers gave government hacking teams a chance to analyze the exploits and use them in their own operations.
50:29 - 53:04 (02:35)
Summary
The leak of hacking tools by the Shadow Brokers gave government hacking teams a chance to analyze the exploits and use them in their own operations. As a result, digital forensics and incident responder teams have seen an increase in attacks using similar tools.