Possible NSA Breach included bypass tools for Cisco, Juniper and Fortinet firewalls

Details are still a bit sketchy but, according to several news outlets, a group calling itself “Shadow Brokers” claims to have breached the Equation Group, a nation-state spying group suspected to be linked to the U.S. National Security Agency, and has posted evidence to confirm the breach. They are offering to release all of the data publicly in exchange for 1 million in Bitcoin (currently, about $580 million [Bitcoin value fluctuates wildly and is up from the time that the article was posted]). I expect this to make additional news as we find out more but, off the cuff, a few things come to mind:

  • If this is legit, the NSA was breached, which is kind of concerning (what other tools will drop as a result?)
  • There are apparently payloads that target Cisco, Fortinet and Juniper firewall products, as well as a Chinese vendor, TopSec

We will try to post more here and to our social media sites as details become available but, at the very least, if you have Cisco, Fortinet or Juniper firewall equipment installed, it would be worth keeping a watch for updates.
