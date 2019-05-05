You don't own the exploits you've created. That's the lesson the NSA has learned over the past few years as its hacking tools have made their way into the public domain via leaks. Of course, the harshest parts of this lesson have been felt by the general public, rather than the NSA, however. The leaked tools were swiftly repurposed to generate a new strain of ransomware, which took down dozens of businesses and government services around the world.

But it's not just a random assortment of internet baddies wreaking havoc with NSA hacking tools and exploits. It's also state-sponsored hackers making use of these tools. A report from Symantec shows other nations are more than willing to turn our state-sponsored attacks against us -- demonstrating the danger of engaging in a cyberwar using weaponized code.

[...]

The N.S.A. used sophisticated malware to destroy Iran’s nuclear centrifuges — and then saw the same code proliferate around the world, doing damage to random targets, including American business giants like Chevron. Details of secret American cybersecurity programs were disclosed to journalists by Edward J. Snowden, a former N.S.A. contractor now living in exile in Moscow. A collection of C.I.A. cyberweapons, allegedly leaked by an insider, was posted on WikiLeaks.

“We’ve learned that you cannot guarantee your tools will not get leaked and used against you and your allies,” said Eric Chien, a security director at Symantec.

Now that nation-state cyberweapons have been leaked, hacked and repurposed by American adversaries, Mr. Chien added, it is high time that nation states “bake that into” their analysis of the risk of using cyberweapons — and the very real possibility they will be reassembled and shot back at the United States or its allies.

In the latest case, Symantec researchers are not certain exactly how the Chinese obtained the American-developed code. But they know that Chinese intelligence contractors used the repurposed American tools to carry out cyberintrusions in at least five countries or territories: Belgium, Luxembourg, Vietnam, the Philippines and Hong Kong. The targets included scientific research organizations, educational institutions and the computer networks of at least one American government ally.