Nicholas Weaver on Lawfare puzzles over the latest dump of stolen NSA cyber-tools by the Shadow Brokers group:
The real mystery here is why the Shadow Brokers released this data. Ordinarily, a hostile intelligence service wouldn’t tip their hand by showing that they had obtained this information but there are some clear strategic benefits to that kind of signalling. Releasing the vulnerabilities themselves goes a step further. It ensures not only that the NSA is unable to use the Windows 0-days against targets, but that you aren’t either. It is a matter of short time before these tools are patched, and thus unavailable to anyone. These are tremendously valuable tools to just burn that way, so it does make one wonder (and worry): what exactly is the intended payoff here?
It suggests the group has motivations other than financial. Could be ideological, patriotic, take your pick.
And he notes that Easter will interfere with the efforts to patch the revealed bugs:
Normally, dumping these kinds of documents on a Friday would reduce their impact by limiting the news cycle. But Friday is the perfect day to dump tools if your goal is to cause maximum chaos; all the script kiddies are active over the weekend, while far too many defenders are offline and enjoying the Easter holiday. I’m only being somewhat glib in suggesting that the best security measure for a Windows computer might be to just turn it off for a few days.
I run Linux, which no doubt has its own security holes.