Hacked files suggest NSA monitored Middle East banks

The exploits, published by the Shadow Brokers yesterday, contained vulnerabilities in Windows computers and servers.

Mysterious hacker collective Shadow Brokers recently released a cache of NSA tools which include some that have been created to target Windows-powered computers.

In an official statement, on April 14, 2017, released by Microsoft, the company said that, 'Most of the exploits that were disclosed fall into vulnerabilities that are already patched in our supported products.' Microsoft has released a list of exploits that are confirmed by them as patched using an update.

The leak included detailed evidence that a string of major financial firms in Qatar, Dubai, Abu Dhabi, Syria, Yemen, and the Palestinian territories, may have been hacked - or potentially targeted - by the U.S. government.

Suiche recommended users upgrade to Windows 10 and the range of security flaw mitigations the operating system has built in, which do not exist in older versions such as Windows 7.

Say what you want about Microsoft, but the company stays on top of security.

The fact that Microsoft had previously patched some of the newly exposed vulnerabilities has gained particular attention, since it would appear that someone may have tipped off the company about the security issues before the Shadow Brokers could leak them.

The Shadow Brokers' leaks indicate that the NSA infiltrated a Dubai company that helps manage transactions in the worldwide bank messaging system Swift. They did admit, however, that it was possible that the local networking systems of some individual SWIFT users may have been breached.

The SWIFT system is used by banks to transfer trillions of dollars each day.

EastNets is one of 74 local service bureaus worldwide certified by Swift, acting as an interface between the global network and smaller banks and financial institutions in the Middle East.

"We have no evidence to suggest that there has ever been any unauthorised access to our network or messaging services". Three of the NSA exploits, which Microsoft indexes as MS17-010, CVE-2017-0146, and CVE-2017-0147, have not been patched but do not work on programs that Microsoft now supports, according to Ars Technica.

Matthew Hickey, director of security firm Hacker House, has looked over the leaks and agrees with Microsoft's assessment.

The NSA did not immediately return emails seeking comment.

This is not the first time the Shadow Brokers have targeted the NSA. While alarms are ringing about the USA government's ability to hack consumer PCs, Microsoft has fortunately come forward to clarify that Windows has already been patched to prevent use of these exploits.

"The threat is very persistent, adaptive and sophisticated - and it is here to stay", SWIFT said in the November letter to client banks, seen by Reuters.

  • Arturo Norris