Russia stole classified NSA cybersecurity data through Kaspersky software installed on...

William Gayde

Posts: 382   +5
Staff

Only a day after it was revealed that Russia likely hacked the mobile phones NATO troops serving in Eastern Europe, there are new details emerging about a cyber attack much closer to home. Hackers working on behalf of the Russian government stole secret details of the NSA's offensive and defensive cyber capabilities. The information was obtained after an NSA contractor breached protocol and placed the highly classified material on his home computer. The hackers then exploited the Kaspersky antivirus software running on that home computer to exfiltrate the files.

The incident occurred in 2015, was discovered in the spring of last year, and has now become public. With this new knowledge, the Russian government has the ability to better protect their networks from US hacks and more easily infiltrate the networks of other nations.

The NSA, as has always been their policy, neither confirmed or denied that the hack took place. Kaspersky Labs, the Russian makers of the antivirus software, said that they have "not been provided any information or evidence substantiating this alleged incident."

Although the many agencies in the US government are switching away from Kaspersky software, this is the first known incident of the software being exploited to allow cyber espionage against the US. Kaspersky operates in a more aggressive way than other antivirus systems by copying large amounts of your personal files to allow them to be scanned for possible malware. This is hidden deep in the license agreement that most people skip over and essentially gives up your right to privacy when you install it.

The identity of the contractor at the center of this is not known publicly, but sources close to the issue have told the Wall Street Journal that members of Congress were informed and the incident was given a code name. It is believed that he took the files home to conduct extra work beyond normal business hours and never worked for a foreign government. Although his intentions appear to be have been good, he was still aware that it was a violation of protocol.

Permalink to story.

 
"essentially gives up your right to privacy when you install it."
We could as well be talking about Windows 10 or any modern Android smartphone. I don't know about Apple since I don't use either OSX or an iPhone.
 
I have used Kaspersky in the past and would use it again, but I'm just an old dude with little worth stealing.

Even if you didn't have any evidence that Kaspersky would do this it was basic common sense and prudence to avoid them if you were in the government, military, or had access to important technical research and IP.

Kaspersky may not even be doing this by choice, the Russians being expert in "making offers that you can't refuse".
And of course it would be stupid of the Russians (and any non-American US allies) not to imagine that software from Symantec or Microsoft wouldn't be similarly affected.
 
Dont start another cold war cause if you do with stuff like this its going to be a nuclear or atomic cold war. And everybody knows that is not survivable to most. The few that do survive will become zombies literally
 
Dont start another cold war cause if you do with stuff like this its going to be a nuclear or atomic cold war. And everybody knows that is not survivable to most. The few that do survive will become zombies literally
Nah... You are overreacting. Every country is now spying everyone with digital surveillance. The Cold War was about USSR and USA for global dominance. Sensitive information now is more likely to be registered in analog means than digital. Russia and Germany, for example, reverted back to typewriters.
 
Dont start another cold war cause if you do with stuff like this its going to be a nuclear or atomic cold war. And everybody knows that is not survivable to most. The few that do survive will become zombies literally

But Fallout is such a fun game, why wouldn't you want to play it in real life?
I was taught "duck and cover' works everytime you see the blinding flash.
 
"The information was obtained after an NSA contractor breached protocol and placed the highly classified material on his home computer. The hackers then exploited the Kaspersky antivirus software running on that home computer to exfiltrate the files."

So, they constantly tell us they are tightening up their security methods and systems and yet a simple contractor with vast access to this stuff can take it home and put it on an unsecured device??? And why exactly is Eric Snowdon still considered a criminal? I'm no fan of either but I think when the agency heads are found to have not followed up on their promises they should certainly be taken to task ......
 
"The information was obtained after an NSA contractor breached protocol and placed the highly classified material on his home computer. The hackers then exploited the Kaspersky antivirus software running on that home computer to exfiltrate the files."

So, they constantly tell us they are tightening up their security methods and systems and yet a simple contractor with vast access to this stuff can take it home and put it on an unsecured device??? And why exactly is Eric Snowdon still considered a criminal? I'm no fan of either but I think when the agency heads are found to have not followed up on their promises they should certainly be taken to task ......
Well, our people in government have to make it look like they are doing something...
 
Like Kaspersky is any less intrusive to your privacy than Windows 10. That said, NSA hasn't not confirmed or denied this even happened and Kaspersky has not been provided any information of evidence that it happened. So what is the source of this information? Is there one? This article certainly does not site one. Even the Wall Street Journal calls them "These People". It all reads like propaganda. What ever happened to journalism in this country?
 
Back