Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core

The N.S.A.’s headquarters at Fort Meade in Maryland. Cybertools the agency developed have been picked up by hackers from North Korea to Russia and shot back at the United States and its allies. Credit Jim Lo Scalzo/European Pressphoto Agency
The N.S.A.’s headquarters at Fort Meade in Maryland. Cybertools the agency developed have been picked up by hackers from North Korea to Russia and shot back at the United States and its allies. Credit Jim Lo Scalzo/European Pressphoto Agency
TT
20

Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core

The N.S.A.’s headquarters at Fort Meade in Maryland. Cybertools the agency developed have been picked up by hackers from North Korea to Russia and shot back at the United States and its allies. Credit Jim Lo Scalzo/European Pressphoto Agency
The N.S.A.’s headquarters at Fort Meade in Maryland. Cybertools the agency developed have been picked up by hackers from North Korea to Russia and shot back at the United States and its allies. Credit Jim Lo Scalzo/European Pressphoto Agency

Jake Williams awoke last April in an Orlando, Fla., hotel where he was leading a training session. Checking Twitter, Mr. Williams, a cybersecurity expert, was dismayed to discover that he had been thrust into the middle of one of the worst security debacles ever to befall American intelligence.

Mr. Williams had written on his company blog about the Shadow Brokers, a mysterious group that had somehow obtained many of the hacking tools the United States used to spy on other countries. Now the group had replied in an angry screed on Twitter. It identified him — correctly — as a former member of the National Security Agency’s hacking group, Tailored Access Operations, or T.A.O., a job he had not publicly disclosed. Then the Shadow Brokers astonished him by dropping technical details that made clear they knew about highly classified hacking operations that he had conducted.

America’s largest and most secretive intelligence agency had been deeply infiltrated.

“They had operational insight that even most of my fellow operators at T.A.O. did not have,” said Mr. Williams, now with Rendition Infosec, a cybersecurity firm he founded. “I felt like I’d been kicked in the gut. Whoever wrote this either was a well-placed insider or had stolen a lot of operational data.”

The jolt to Mr. Williams from the Shadow Brokers’ riposte was part of a much broader earthquake that has shaken the N.S.A. to its core. Current and former agency officials say the Shadow Brokers disclosures, which began in August 2016, have been catastrophic for the N.S.A., calling into question its ability to protect potent cyberweapons and its very value to national security. The agency regarded as the world’s leader in breaking into adversaries’ computer networks failed to protect its own.

“These leaks have been incredibly damaging to our intelligence and cyber capabilities,” said Leon E. Panetta, the former defense secretary and director of the Central Intelligence Agency. “The fundamental purpose of intelligence is to be able to effectively penetrate our adversaries in order to gather vital intelligence. By its very nature, that only works if secrecy is maintained and our codes are protected.”

With a leak of intelligence methods like the N.S.A. tools, Mr. Panetta said, “Every time it happens, you essentially have to start over.”

Fifteen months into a wide-ranging investigation by the agency’s counterintelligence arm, known as Q Group, and the F.B.I., officials still do not know whether the N.S.A. is the victim of a brilliantly executed hack, with Russia as the most likely perpetrator, an insider’s leak, or both. Three employees have been arrested since 2015 for taking classified files, but there is fear that one or more leakers may still be in place. And there is broad agreement that the damage from the Shadow Brokers already far exceeds the harm to American intelligence done by Edward J. Snowden, the former N.S.A. contractor who fled with four laptops of classified material in 2013.

Mr. Snowden’s cascade of disclosures to journalists and his defiant public stance drew far more media coverage than this new breach. But Mr. Snowden released code words, while the Shadow Brokers have released the actual code; if he shared what might be described as battle plans, they have loosed the weapons themselves. Created at huge expense to American taxpayers, those cyberweapons have now been picked up by hackers from North Korea to Russia and shot back at the United States and its allies.

Millions of people saw their computers shut down by ransomware, with demands for payments in digital currency to have their access restored. Tens of thousands of employees at Mondelez International, the maker of Oreo cookies, had their data completely wiped. FedEx reported that an attack on a European subsidiary had halted deliveries and cost $300 million. Hospitals in Pennsylvania, Britain and Indonesia had to turn away patients. The attacks disrupted production at a car plant in France, an oil company in Brazil and a chocolate factory in Tasmania, among thousands of enterprises affected worldwide.

American officials had to explain to close allies — and to business leaders in the United States — how cyberweapons developed at Fort Meade in Maryland came to be used against them. Experts believe more attacks using the stolen N.S.A. tools are all but certain.

Inside the agency’s Maryland headquarters and its campuses around the country, N.S.A. employees have been subjected to polygraphs and suspended from their jobs in a hunt for turncoats allied with the Shadow Brokers. Much of the agency’s arsenal is still being replaced, curtailing operations. Morale has plunged, and experienced specialists are leaving the agency for better-paying jobs — including with firms defending computer networks from intrusions that use the N.S.A.’s leaked tools.

“It’s a disaster on multiple levels,” Mr. Williams said. “It’s embarrassing that the people responsible for this have not been brought to justice.”

(The New York Times)



Greece Blocks Asylum Claims for Migrants on Crete after Surge in Arrivals

Migrants get off a bus at the port of Heraklion, Crete, Greece, 08 July 2025. EPA/NIKOS CHALKIADAKIS
Migrants get off a bus at the port of Heraklion, Crete, Greece, 08 July 2025. EPA/NIKOS CHALKIADAKIS
TT
20

Greece Blocks Asylum Claims for Migrants on Crete after Surge in Arrivals

Migrants get off a bus at the port of Heraklion, Crete, Greece, 08 July 2025. EPA/NIKOS CHALKIADAKIS
Migrants get off a bus at the port of Heraklion, Crete, Greece, 08 July 2025. EPA/NIKOS CHALKIADAKIS

Greece's government said Wednesday it is temporarily suspending asylum applications for migrants arriving on the island of Crete, following a spike in arrivals from Libya.

More than 2,000 migrants have landed on the island since the weekend, according to coast guard figures, bringing the total number of arrivals this year to over 10,000.

Speaking in parliament, Prime Minister Kyriakos Mitsotakis said the government also planned to build a detention site on Crete for migrants and was seeking direct collaboration between the Libya and Greek coast guards to turn back boats leaving the North African country.

“This emergency situation clearly demands emergency measures,” Mitsotakis told parliament Wednesday. “The Greek government has decided to inform the European Commission that ... it will suspend the processing of asylum applications — for an initial period of three months — for those arriving by sea from North Africa.”

According to The Associated Press, the suspension will apply only to migrants reaching Crete by sea. Migrants entering illegally will be detained, Mitsotakis said. “The Greek government is sending a firm message: the route to Greece is closing, and that message is directed at all human traffickers,” he said.

Overnight, a fishing trawler carrying 520 migrants from Libya was intercepted south of Crete. A bulk carrier that took all of the migrants onboard was rerouted to the port of Lavrio, near Athens, so that the migrants could be detained on a mainland facility, authorities said.