The mainstream media is catching on to a post from last month in RedmondMag.com – about Cisco customers being hacked by “NSA Hacking Tools” – or, to put it another way, tools supposedly leaked from NSA hacker toolkits.
Cisco this week acknowledged that some of its firewall appliance products are being targeted by purportedly leaked U.S. National Security Agency (NSA) hacking tools.
The targeted firewalls include Cisco’s current Adaptive Security Appliance (ASA) and its deprecated PIX products. Cisco ended PIX sales in 2009. The Cisco Product Security Incident Response team investigated disclosures by the “Shadow Brokers,” a hacking entity that has been auctioning off exploit code used by the “Equation Group.” Supposedly, the Equation Group is a reference to the NSA.
The Cisco team published a summary of two vulnerabilities at this page. Cisco identified eight exploit tools released by the Shadow Brokers, noting that three of the tools (ExtraBacon, EpicBanana and JetFlow) have references to Cisco products. The code used in the stolen tools is “dated around 2013 or older,” Cisco noted, in a blog post.
Outlets carrying the article today include: