Shadow Brokers NSA exploits: doubts about Edward Snowden’s tweets

by Chris Zappone

Ex-National Security Agency contractor Edward Snowden’s statements on Twitter attributing the alleged leak of NSA bugs by the group the Shadow Brokers to Russia has raised suspicions about the authenticity of his tweets.

The timing around Snowden’s statements on social media as well as the basic lack of evidence the American citizen is himself behind them have prompted at least one expert to publicly question them.

Capture.jpg

Who does this man’s PR?

Security consultant Jonathan Nichols, who worked in hacking and psychological warfare for the US Army, said that nothing  Snowden has “said in the last 24 hours has challenged the question from the last week: ‘is Snowden still alive?'”

“That needs to proven before we take anything coming from that account as actually coming from the mouth of Edward Snowden, the person.”

Nichols said a person of Snowden’s background would know he’s expected to provide some kind of proof that he is the authentic voice behind the account after his unusual statements and period of absence from social media.

“He knows exactly what both (the IC and infosec) communities would expect, a message cryptographically signed by him, and a quick video of him referencing recent events.”

Snowden’s most recent communication on Twitter are a fairly blunt commentary on the leak of sophisticated bugs, or exploits, used to hack the computers of governments and organisations worldwide.

The malware is thought to have come from the NSA, and experts in the West are blaming Russia following the DNC Leaks, a position Snowden appears to endorse in the latest tweets, which is also unusual.

On August 5, Snowden tweeted an encryption key, which allows people to check any message they receive from him against the signature, or key, to see if they match and confirm identities.

Two days earlier, Snowden tweeted an unusual message: “Did you work with me? Have we talked since 2013? Please recontact me securely, or talk to @bartongellman. [The Washington Post journalist who wrote some of the initial stories on Snowden].” The tweet ends with the words “It’s time.” There was no additional explanation. Both of those tweets were deleted.

Then for 10 days, Snowden went quiet. So quiet, in fact, that his Russian lawyer went public to assure people that Snowden was in fact, still alive.

On the 15th, a picture of Mark Twain was posted with the author’s famous words, “The reports of my death are greatly exaggerated.”

Nichols notes Snowden “left the internet with 2 cryptic tweets” and “up until he started tweeting again 24 hours ago, there was serious question as to whether he was still alive.”

“From both an intelligence community- and an information security perspective, you don’t go silent after those creepy tweets he went offline with, and then suddenly pop back online and start acting like nothing happened,” Nichols said.

Other members of the US security community also see the timing and pattern around Snowden’s latest tweets as suspicious.

If Russia is behind the so-called Shadow Brokers’ group it follows a recent pattern including the hacking of the Democratic Party’s email and voicemail accounts in the US. A hacker named Guccifer 2.0, which is also thought to be linked to Russian intelligence, claimed to have accessed the trove of emails, known as DNC Leaks, which were distributed by WikiLeaks in time to disrupt the US Democratic Party before its convention in July.

The escalation of information war and cyberwar efforts against the US have caught Washington unprepared.

“The real problem for us is that the Russians seem to have taken the gloves off in the cyberdomain and we don’t know how to respond,” James A. Lewis, of the Center for Strategic and International Studies, told the New York Times.

Russia’s efforts against Western countries in the cyber realm has increased significantly in recent years, as Russia seeks to reestablish itself as a strong regional and even global player more than two decades after the fall of the Soviet Union.

Russia’s complex – and so far, successful – information war strategy combines expertise across a variety of areas to achieve its goals, which means  – in theory – that even as hackers go after the NSA exploits, propagandists are figuring the best way to exploit them in the evolving situation between Russia and the US during its presidential election.

As Jolanta Darczewska the Centre of Eastern Studies wrote in 2014, “Russian information warfare theory also has traits of an interdisciplinary applied science.”

“This is because it covers a very broad range of actions (political, economic, social, military, intelligence, counterintelligence, diplomatic, propaganda, psychological, informational, communication technologies, educational, etc.)”

In this way, the value of Edward Snowden to Russia may be equally for propaganda against Western democracies as any intelligence he would have provided about the inner workings of the NSA.

Snowden fled the US in 2013 after revealing the extent of the NSA’s post-September 11, 2001 electronic spying, which included unlawful domestic surveillance.

After travelling to Hong Kong, Snowden was given asylum in Russia amid fears he would be sent to the US and prosecuted for spilling government secrets. WikiLeaks leader Julian Assange claimed credit for helping direct Snowden to Russia.

Follow Chris on Facebook