NSA Spying Tools Revealed Online Amid Hacking Fears
ARI SHAPIRO, HOST:
And now to intrigue in the national security world. Once again, it looks like there has been a cyberattack in Washington - one that may involve Russia. What's new this time is the apparent target, the National Security Agency. Here to shed some light on whether the world's most elite hackers have themselves been hacked is NPR's Mary Louise Kelly. Hi, there.
MARY LOUISE KELLY, BYLINE: Hey, Ari.
SHAPIRO: So has the NSA, in fact, been hacked?
KELLY: It has - or at least code created by NSA hackers. One possibility is that somebody broke into NSA servers. Another possibility, I'm told, is that this code was obtained from some other server somewhere else where that code was stored. But as to whether this is NSA code, the experts I've been talking to are using phrases like no doubt. You know, zero debate. The files are real.
SHAPIRO: And what's in the code? What does it do?
KELLY: Well, it appears a set of tools - a tool kit - used to attack computer firewalls. So this is software the NSA is using to target foreign governments, for example. The good news from the NSA's point of view is that it's an old tool kit. The most recent file dates from 2013. And it appears to have been taken back in 2013, which suggests that whoever took it has been sitting on it. Also suggests that whoever took it may have lost access around that time.
SHAPIRO: You say whoever took it. Is there a Russia connection? If so, what is it?
KELLY: Well, so the group that's claiming credit calls themselves the Shadow Brokers. They are shadowy, indeed, because no one has ever heard of them before this week. And all eyes are, yes, on Russia. Edward Snowden himself has weighed in from his exile in Moscow. He says he thinks it's Russia. And that appears to square with the experts in the cyber world who I've been talking to.
One who I spoke to today - a man named Thomas Rid. He's at King's College London. He said, look, there is no hard proof - true - but he pointed to two things. One - the sophistication of this. This required advanced skills, and that narrows you down to a very short list of countries pretty fast. Second indicator he pointed to was the timing. He said - what country other has demonstrated an interest in dumping information right now?
And I don't need to remind our listeners that this follows the release of the hacked DNC emails which Democrats and many experts have pinned on Russia. This question I put to Adam Schiff, the ranking House Democrat on the House Intelligence Committee. He would not confirm or comment on any of the details, but he did tell me this.
ADAM SCHIFF: If these allegations were true, I would be very concerned about the impact on the intelligence community. If this were a Russian actor - and, again, there's multiple ifs here - we'd have to ask, you know, what is causing this escalation.
KELLY: And why, Ari. I mean, he has said - what's the motive?
SHAPIRO: You also mentioned Edward Snowden. Are investigators looking into whether this could possibly be an inside job?
KELLY: They are. That is the other theory making the rounds. The people I'm talking to say they think that that is less likely. But again, no hard proof - can't rule anything out.
SHAPIRO: What have we heard from the NSA today?
KELLY: The NSA, shockingly, is not returning my calls or emails today.
KELLY: But the consensus appears to be that this is not a catastrophe operationally for the NSA. Embarrassing, absolutely - catastrophic breach, no. I mean, again, remember this is code from 2013. That is an eternity in the cyber world.
SHAPIRO: I understand why somebody would try to steal a cyber tool kit. Why would they make it public? What's the motive here?
KELLY: Well, we don't know. I mean, again, without knowing for sure who is behind it, impossible to say why they have done this. I will say this. This group claiming credit, Shadow Brokers - they say they have more files - a second set of tools. They're going to auction them off, they say, to whoever will bid the most bitcoins. Very strange. But that sows confusion 'cause now you've got everybody wondering - do they have more files? What have they got?
SHAPIRO: NPR national security correspondent Mary Louise Kelly, thank you.
KELLY: You're welcome.
NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.