
I question this speculation. It seems to me that people start from the assumption that the NSA is unhackable and work backwards from there. There is no reason to believe this.

The NSA uses Windows like everyone else. There are multiple Windows 0day RCEs in this dump, which may not be all of it by far. All it'd take is to find a single Windows server that isn't properly airgapped - and the NSA TAO can't possibly be airgapped given that its job is to hack people over the internet - and you have a foothold.

The incentives for these intelligence agencies are all wrong and I think even if this particular dump isn't traced to a direct compromise of their network, it's bound to happen eventually. They've been operating on the assumption that all nation states work in secret, so even if they get totally hacked by their adversaries the White House will never find out. However, their chain of command would definitely notice if they stopped sending intercepted intel up to them. This means they're strongly incentivised to hoard exploits even if they're sure their enemies know the very same exploits and even if they're sure they can't defend themselves.

The Shadow Brokers appear to have at a stroke invalidated the assumption of universal secrecy. These are people who have access to the NSA's most sensitive internal tools and documents, and are simply ... burning it all.

"The NSA uses Windows like everyone else."

Bingo! Well, a mix of Windows, Linux (esp. Red Hat), and Solaris (optionally with trusted extensions). All low-assurance operating systems with a history of 0-days plus current ones for at least Windows and Linux. It's not like they didn't know it was coming. The high-assurance field, including pioneers in INFOSEC, warned them over and over.

http://lukemuehlhauser.com/wp-content/uploads/Bell-Looking-B...

http://hack.org/mc/texts/classic-multics.pdf

https://web.archive.org/web/20040214043848/http://eros.cs.jh...

Bad news is they have methods today that work better, which they could build on. They recently canceled them in favor of a new program with something like a 90-day evaluation. Something short. I remember reading the protection profiles to find the assurance argument required is EAL1: one so low we thought they'd cancel it. Things will only get worse.


it's more of an occam's razor thing imo.

we are already aware of a guy who was arrested for having terabytes of classified info, who worked for TAO. i'm not sure how it would have gotten from martin to the (presumably russian) shadow brokers -- maybe he was paid, maybe he was hacked -- but it doesn't seem like a staggering leap to make.

certain politicians aside, exposing TS networks to the internet is not only difficult inside an organization that 'lives in the dark', it will get you severely reprimanded if not fired from your very well paying job, and possibly scuttle your ability to remain cleared and continue your career. classified networks are designed from above so that as much as possible this isn't an issue, and i'm certain it's only intensified since snowden.

i'm not saying by any means it's an impossibility that they were hacked, but i don't see any reason at all to favor that conclusion. like i said, martin worked for TAO, the source of everything the shadow brokers have released. why would you come to the conclusion that they were hacked vs an already known, very likely source candidate?
