A group called the Shadow Brokers made headlines this month by leaking a hacking tool belonging to the NSA's Tailored Access Operations (TAO) team. Now this week, several informed sources suggest an inside source may have been involved.
The leaked software—which can exploit weaknesses in a number of network hardware platforms and other devices—apparently may have come with the help of an NSA insider, according to the analysis of several information security experts, reports citing former NSA employees, and one journalist who had access to the files leaked by Edward Snowden. While the hacking tools were said not to have come from the Snowden documents cache, they may in fact be associated with another leaker who provided information to Jacob Appelbaum and Wikileaks, James Bamford suggests in a commentary published Monday by Reuters.
Details of the hacking tools also match with a training manual for NSA cyberespionage operations included in the Snowden document trove, released last week by The Intercept. Some of the tools also match with entries in the TAO's ANT catalog—an NSA internal wishbook for hardware and software exploits. That document was published in part by Der Spiegel in collaboration with Appelbaum back in December of 2013.