Leaked files show that NSA Territorial Dispute (TeDi) developed for tracking other hacker
Shadow Brokers leaked a large amount of NSA hacking tools in 2017, most experts are deeply researching NSA’s 0Day exploit, and a group of Hungarian security researchers has discovered the scripts and scanning tools that NSA uses to detect other countries’ hackers on their infected devices.
As it turns out, NSA’s scripts and tools are just as valuable as the 0Day vulnerability. Research by Hungarian security researchers shows that in 2013, the NSA tracked at least APT (Advanced Persistent Threats) conducted by hackers in 45 countries. Some of these actions appear to have been well-known by the security community, while others threatened attackers and operations may have been heard in the security industry for the first time.
These scripts and scanning tools were created by a team called NASA’s Territorial Dispute (TeDi). According to sources in the U.S. intelligence community, the United States believes that in 2007 the hackers from China stole designs for the Joint Strike Fighter jet and other sensitive data from U.S. defense contractors. The organization can detect and respond to complex national hackers more quickly. A source told The Intercept that the TeDi team’s goal is to figure out when the data was stolen.
As the situation changes, the tasks of the TeDi team also include providing situational awareness to NSA hackers, which helps the hackers understand the specific time that other countries hacked into the target device.
Research by Hungarian security researchers shows that when NSA invades equipment in countries such as Iran, Russia, and China, it will make it clear in advance whether there are foreign spies in the target device to prevent hackers in other countries from stealing NSA tools or monitoring the NSA’s Activities to prevent their actions from being exposed. The NSA will flexibly cancel or continue to act more cautiously depending on the circumstances. The TeDi team also provides advice or issues warnings to guide NSA operations personnel.
Source: securityaffairs