The investigation into how alleged National Security Agency (NSA) hacking tools ended up being leaked to the public has started to take its toll on agency employees, according to a new report in The New York Times.
Employees of the renowned hacking wing of the NSA, both longtime employees and new hires, are moving to better-paying jobs in the private sector under the stress of an investigation yet to find a suspect to focus on.
“Snowden killed morale,” an anonymous NSA hacker told the Times.
“But at least we knew who he was. Now you have a situation where the agency is questioning people who have been 100 percent mission-oriented, telling them they’re liars.”
The hacking tools have been sporadically leaked and sold by a group named the Shadow Brokers, who first appeared last spring. The Shadow Brokers publicly released large swaths of exploits – computer code used to circumvent security measures — and other documents.
The group released several sets of tools to the public to draw attention to the sale of the remaining tools. They tried various approaches to monetize the remaining files, including auctions and crowdfunding a massive release of documents, but have settled on a subscription service providing a monthly leak.
The tools leaked by the Shadow Brokers were quickly co-opted by at least three massive, international malware campaigns — WannaCry, NotPetya and Bad Rabbit, each of which caused massive damages.
WannaCry forced British hospitals to turn away patients, NotPetya briefly shuttered one of the world's largest shipping firms and Bad Rabbit struck a variety of businesses and government agencies in Russia and the Ukraine.
NSA employees have not only felt pressured by the investigation but also by the abrupt end to operations that used the once secretive tools after leaks showed targets what to look for to defend themselves.
“How much longer are the releases going to come?” another NSA source asked the Times. “The agency doesn’t know how to stop it — or even what ‘it’ is.”