Microsoft says users are protected from NSA malware
PARIS: Up-to-date Microsoft customers are safe from the purported National Security Agency spying tools dumped online, the software company said yesterday, tamping down fears that the digital arsenal was poised to wreak havoc across the internet. In a blog post, Microsoft Corp security manager Phillip Misner said that the software giant had already built defenses against nine of the 12 tools disclosed by TheShadowBrokers, a mysterious group that has repeatedly published NSA code .
The three others affected old, unsupported products. “Most of the exploits are already patched,” Misner said. The post tamped down fears expressed by some researchers that the digital espionage toolkit made public by TheShadowBrokers took advantage of undisclosed vulnerabilities in Microsoft’s code. That would have been a potentially damaging development because such tools could swiftly be repurposed to strike across the company’s massive customer base.
Those fears appear to have been prompted by experts using even slightly out-of-date versions of Windows in their labs. One of Microsoft’s fixes, also called a patch, was only released last month. “I missed the patch,” said British security architect Kevin Beaumont, jokingly adding, “I’m thinking about going to live in the woods now.” Beaumont wasn’t alone. Matthew Hickey, of cybersecurity firm Hacker House, also ran the code against earlier versions of Windows on Friday. But he noted that many organizations put patches off, meaning “many servers will still be affected by these flaws.” Everyone involved recommended keeping up with software updates. “We encourage customers to ensure their computers are up-to-date,” Misner said.
Meanwhile, hackers released documents and files on Friday that cybersecurity experts said indicated the US National Security Agency had accessed the SWIFT interbank messaging system, allowing it to monitor money flows among some Middle Eastern and Latin American banks. The release included computer code that could be adapted by criminals to break into SWIFT servers and monitor messaging activity, said Shane Shook, a cyber security consultant who has helped banks investigate breaches of their SWIFT systems.
The documents and files were released by a group calling themselves The Shadow Brokers. Some of the records bear NSA seals, but Reuters could not confirm their authenticity. The NSA could not immediately be reached for comment. Also published were many programs for attacking various versions of the Windows operating system, at least some of which still work, researchers said. In a statement to Reuters, Microsoft, maker of Windows, said it had not been warned by any part of the US government that such files existed or had been stolen. “Other than reporters, no individual or organization has contacted us in relation to the materials released by Shadow Brokers,” the company said.
The absence of warning is significant because the NSA knew for months about the Shadow Brokers breach, officials previously told Reuters. Under a White House process established by former President Barack Obama’s staff, companies were usually warned about dangerous flaws. Shook said criminal hackers could use the information released on Friday to hack into banks and steal money in operations mimicking a heist last year of $81 million from the Bangladesh central bank. “The release of these capabilities could enable fraud like we saw at Bangladesh Bank,” Shook said. —Agencies