All in all, there is a large possibility that we can elucidate the background of these crimes if arresting “shadow brokers”. They are just data brokers, but highly likely related to more crimes and we might tail other global crime organizations, including the equation group.
Additionally, they are an indispensable part of the crime infrastructure in Japan. When we arrest them, this infrastructure should be severely damaged. They are critical targets for the Japanese police as well.
There is another unsolved question for all of us. Snowden worked at the Japan desk of the NSA, which implies it is highly likely he knew some of the members of shadow brokers. It was one of his job descriptions when working for the NSA to find these hackers. Is it common not to realize or even to misread old enemies when leaving the job?
In any way, I hope they are caught as soon as possible.
If the CIA and NSA were intentionally concerned with this issue, it was not to frame the criminals but exploit them. This might be an approach to stir up a threat from the global crime organization with providing them obsolete hacking tools. In the end, the intelligence circles should be more demanded than before.
This type of counterintelligence really took place and I knew some of them, but this specific crime, the auction of hacking tools, was less likely an organizational decision of them, as this appeared too much. However, there is a possibility that some of the agents might leak these to keep their authority. If they are in charge of the job against these criminals or the national security breach, they can keep or even elevate their authority in the intelligence circles.
If that is the case, the equation group itself consists of the rogue agents. It should make sense why they hired Japanese data broker to auction and leaked the obsolete hacking tools under this scenario.
This case is probable, but if you consider they are assumed to be one of the global crime organization, the conclusion should be the same as original; the global crime organization hacked into the NSA server and obtained the tools which were provided to the Japanese data brokers who were told to auction them.
The difference might appear at their motivation that it is not for the show-up, but they would like to keep their authority to stir up the threat of the global crime organization.
There is another possibility that the CIA and NSA should frame the global crime organization and shadow brokers. It was nearly revealed that these government intelligences conducted an illegal hacking and they exploited this situation. They utilized obsoleted data given to them for a confirmation of the global crime connection.
The whole issue was staged as their counterintelligence, if this is the case.
This possibility cannot be denied, but its odd is not high. As you know, the general American reaction was a surprise and confusion. They more or less knew that the CIA and NSA had this hacking capability, but they disbelieved a little how deeply they were hacked by the crime organization.
As a result, there is no possibility this leak is perceived positive to the NSA, hence it is unnecessary to employ this approach as a counterintelligence. At least as far as we know, it is less likely conducted as their strategy, unless there is another truth coming up to make it more sense.
The equation group is a mastermind, which is assume to be the main scenario, but there is a possibility that another global crime organization hacked into the server of the equation. Thereafter, they leaked the hacking tools through Japanese data brokers.
If this is the case, it is necessary to understand why they should structure this crime framework, including why they decided to auction them and why they hired these specific data brokers.
In May 2016, there was a crime illegally drawing cash from ATMs at convenience stores in Japan, amounting to $20 million damage. This breach was huge, as the crime took place at 17 prefectures out of 47 totally in Japan within a few hour timeframe. It was calculated as more than 1,000 people involved in its crime. This crime background is quite similar to “shadow brokers”.
Originally, the South African bank was hacked and they stole a cash at ATMs from their banking accounts, as they decrypted the code which this bank employed for a transaction. The basic skill-set was a hacking and decryption. It was highly likely for the global crime organization to hire the Japanese crime infrastructure for its monetization. This background is totally the same as this crime, the auction of NSA hacking tools.
Therefore, there is a possibility that this global organization hacked into the equity group to obtain these hacking tools. However, the equation can also structure the same crime framework, so it does not just mean they were hacked.
There are, surely, other possibilities.
The first different possibility is that shadow brokers really hacked the server and obtained the NSA hacking tools. They are definitely Japanese data brokers, but they might have more hacking capability than originally assumed. Although it is quite doubtful they were able to hack the NSA, but they might obtain the data from the server of the equation group.
As a matter of fact, they mentioned they hacked the equation group, which is possible. If the equation group has halted their activity since 2013, it is likely that they should do so with some reasons. If that is the case, there is a probability that their stolen hacking tools have been hidden in the certain server without enough maintenance.
Under this condition, the shadow brokers might hack the equation group to obtain the tools. This is just a slight possibility but they might obtain them by their own effort, not from the global crime organization.
In this case, their purpose was to show off their capability to the US government, and simultaneously to the equation group. There was no other practical reason why they conducted the crime in this case, which implied the auction was too much, therefore this possibility is unlikely.
Japanese data brokers have connected to the global crime organization, which is how they got hacking tools developed by the NSA. In this sense, their job was totally a data broker and the global criminals should know its fact beforehand. This implies they auctioned the tools but have never thought it should be actually sold out. Their intention was to show up themselves.
The issue is how they can monetize their show-up. There is one possibility that they have already known globally as the Japanese data broker and they can get a contact from potential buyers directly in another way. This possibility holds true to the equation group that they might get a direct demand from the third party to acquire their tools in hand.
There is another main possibility that they just showed off their capability. At this time moment, it is still unclear how they obtained these tools, and at the same time, their identity had been unknown for some time, hence many governments just escalated their anxiety. If they maintained their anonymity, the US government would have misperceived they would be quite skillful criminals, critical to the national security.
Having said that, the truth is that “shadow brokers” were just hired to leak the hacking tools as an agent of the foreign counterpart who perfectly understood the Japanese data broker consisted the crime infrastructure and also conducted a ransomware to take a ransom without notice. In the end, their crime was an extension of these capabilities.
Shadow brokers are criminals to auction hacking tools developed by the NSA and CIA in August 2016. I researched their statement and found out a critical fact that they are absolutely Japanese.
!!! Attention government sponsors of cyber warfare and those who profit from it !!!!
How much you pay for enemies cyber weapons? Not malware you find in networks. Both sides, RAT + LP, full state sponsor tool set? We find cyber weapons made by creators of stuxnet, duqu, flame. Kaspersky calls Equation Group. We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see. This is good proof no? You enjoy!!! You break many things. You find many intrusions. You write many words. But not all, we are auction the best files. .
Linked from <https://en.wikipedia.org/wiki/The_Shadow_Brokers>
The above is their statement which has more than ten characteristics written by Japanese native speaker. The detail is not discussed here, but you can easily confirm its fact when asking Japanese who are good at English. This is definitely scripted by Japanese.
Additionally, this statement cannot be written by European language natives, who cannot make a grammatical mistake consistently for this direction. Even I have no confidence to keep this stability, despite the fact that I know why they had come up with these grammatical errors. At the same time, it is confirmed that there is no characteristic written by Chinese natives.
This consideration excludes 80% of the population from the possible writer, but moreover, this statement has a characteristic written by native speakers of the Altaic language family. Japanese are most populous amongst them, followed by Korean and Turkish, which implies there is a possibility that this is written by Korean. I have no practical knowledge of Korean language, hence its possibility is not deniable, but Korean as nature is less likely to publish the statement filled with many mistakes.
It is not too much to say that Shadow brokers are Japanese.