Cyber wars

Can NSA Stop China Copying Its Cyber Weapons?

Adversaries have been copying and stealing each others’ weaponsever since Ape A threw a rock at Ape B and Ape B got the bright idea to throw it back. But recent revelations from Symantec and The New York Times suggest this problem is much bigger with cyber weapons. Why? In order to attack an enemy’s computer, they have to copy their code onto it. It’s like bombing an enemy with munitions that scatter their own blueprints around the blast site.

US hacking tools have gone astray before, most notoriously when a mysterious group called Shadow Brokers repeatedly released National Security Agency code for hackers around the globe to use in attacks like WannaCry. But cybersecurity analysts at Symantec have found evidence that hackers working for China’s Ministry of State Security were using NSA-built cyber weapons “at least a year prior to the Shadow Brokers leak.” (To avoid offending nation-states, the Symantec report only IDs the Chinese as “Buckeye” and NSA as “Equation Group”). Symantec’s suggested explanation: “one possibility is that Buckeye may have engineered its own version of the tools from artifacts found in captured network traffic, possibly from observing an Equation Group attack.”