By Laura PoitrasThe Guardian, January 19, 2019, 2:15pmTo the surprise of many, the NSA didn’t respond to an email requesting comment on the Sentinel Exploits’ vulnerability.
“I’ve not heard anything about this from anyone,” says Jonathan Zittrain, the director of research for security firm Immunity.
“The only thing that I can think of is that they’re trying to make sure that they don’t leak the data out to the public.”
According to Zittraining, the Sentinel exploits are the work of a “snowflake security researcher” who has “no affiliation with the NSA”.
The Sentinel exploits have been in the news in the past week, thanks to a number of leaked documents that appeared to show the NSA’s use of the exploits to attack the internet infrastructure of China and elsewhere.
The NSA’s “black ops” division has denied that the exploits are related to spying on the Chinese government, but Zittrained says it’s unlikely they are.
“I don’t think there is any indication that this is anything more than a snowflake,” he says.
“If it’s a real intelligence operation, then that would be extremely worrying.”
The Guardian was unable to independently confirm that claim.
Zittrain says that the NSA is a “very sophisticated, sophisticated, and very successful” organisation.
“They have a lot of experience in intelligence operations,” he said.
“We have not had any contact with the intelligence agency.”
Zittrained adds that the Sentinel attacks are likely to be used by the NSA to monitor Chinese internet traffic.
“You might have seen that [in] the media recently, but I don’t know if that is true,” he notes.
“It’s very unlikely, but you have to be very careful because it could be the first time the Chinese have been hit.”