Ransomware
Probing Justice’s protection of hacking tools
The ransomware attack on the city of Baltimore has reignited a long-running debate about whether the National Security Agency is doing enough to protect the hacking tools and exploits
it develops. Now, a Democratic senator wants to know if the same vulnerabilities exist at the Justice Department.
In a June 5 letter, Sen. Ron Wyden (D-Ore.) asked Attorney General William Barr what the Justice Department and its component agencies were doing to keep their tools from being stolen and leaked, as NSA’s EternalBlue was in 2017 when a mysterious group known as the Shadow Brokers published it on the open internet.
“Just as the American people expect the government to protect its nuclear, chemical and biological weapons, so too do Americans expect that the government will protect its cyber arsenal from theft by hackers and foreign spies,” Wyden wrote.
He referenced a number of public reports documenting the use of such tools by the Justice Department and component agencies. Those activities include purchasing communications- monitoring software from an
Italian surveillance company, exploiting security vulnerabilities in the Firefox web browser
to install malware on at least 8,000 computers in 2015, and using third-party hacking tools
to break into iPhones and other encrypted devices during criminal investigations.
Wyden asked Barr if any of the department’s offensive cyber capabilities have fallen “into the wrong hands,” been discovered “in the wild” by security researchers or foreign governments, or used in attacks against U.S. entities.
He also wanted to know if any of the capabilities were developed by foreign companies and if so,
whether Justice officials were taking steps to ensure that the tools were not surreptitiously communicating with foreign servers, where they could potentially be stolen or seized by other nations.
Wyden’s questions come at
a time when policymakers are increasingly concerned about the government losing control of its cyber capabilities.
NSA’s EternalBlue was later repurposed and used in a number of high-profile cybersecurity incidents, including the WannaCry and NotPetya ransomware attacks in 2017. More recently, the New York Times reported that the exploit was present
34 July 2019 FCW.COM