NSA’s supply of Windows hacking tools has been exposed.
Back in 2016, the hacking group named Shadow Brokers emerged. This weekend was perhaps one of their most notable releases since they first appeared. They exposed a series of surveillance tools and exploits used by teams inside the US’s National Security Agency. The NSA used the Windows hacking tools to target several banks, including the SWIFT banking system.
This cachet of tools and exploits affects Windows 2000, Windows XP, Windows 7, Windows 8, as well as their server-side variants like Server 2000, 2003, 2008, 2008 R2 and 2012. Now, these tools have been made publicly available, they will almost certainly be used by other organisations and individuals, to attack unpatched systems in order to gain access to resources and information.
Microsoft has confirmed many of the exploits that were already patched. Unfortunately, unsupported products, such as Windows XP, Windows Server 2003, Exchange 2007 and IIS 6.0, are unlikely to receive fixes (if they were not already patched).
We encourage everyone to ensure their computers are all up-to-date, appropriate security measures are in place. That any products no longer supported by Microsoft are already being retired, or that their retirement is being actively planned. If this is something you need assistance with, or just want to talk about, get in touch.
For more information see related blog posts, use #ShadowBrokers.