NSA staff and experts confirmed the authenticity of the data. The majority of released malicious software was written to circumvent firewalls and penetrate computer systems.

It is standard practice for intelligence agencies to find holes in security software and exploit them for a long time. For instance, the Electronic Frontier Foundation (EFF) has unsuccessfully sued the NSA and the ODNI for violating the Freedom of Information Act, accusing the NSA of having been aware of the OpenSSL “Heartbleed” hole earlier and not having disclosed it. In response to the activities of “shadow brokers”, various IT companies have closed security holes in their systems.

Sources: