Chinese state-sponsored attackers are using NSA's very own tools to mount attacks against targets in the West, new reports have claimed.
According to reserach by cybersecurity firm Symantec, the tools weren’t exactly stolen, but rather snatched away from the NSA.
Symantec doesn’t name China specifically, but it does mention Buckeye, a synonym for APT3 or Gothic Panda, a known Chinese contractor.
So how did they take the tools? While the NSA was using it to attack its own targets in China - just as an action movie hero would snatch a gun from the assailant’s hands and turn on the lead faucet on them.
To make matters even worse, the group that managed to snatch the cyberwarfare tools is the same one that has been mounting some of the attacks against ultra-sensitive US targets, like space, satellite and nuclear propulsion technology makers.
Symantec released the report on Monday, in which it argues that the hunter of a decade ago, has now turned to prey.
“We’ve learned that you cannot guarantee your tools will not get leaked and used against you and your allies,” said Eric Chien, a security director at Symantec.
It’s not yet clear how the Chinese managed to grab NSA’s tools. What we do know is that the tools were used on multiple occasions, including incidents in Belgium, Luxembourg, Vietnam, the Philippines and Hong Kong. The targets, among others, were science organisations, education institutions and government network of US-allied countries.
Image Credit: Maksim Kabakou / Shutterstock