Hackers used Kaspersky AV to steal NSA secrets: report
Russian hackers allegedly used Kaspersky Lab antivirus software to help steal details of the US National Security Agency’s (NSA) cyber spying tools from an agency contractor’s personal computer, according to a Wall Street Journal report.
According to the report, which cites unnamed sources, the hackers were able to access the information after the contractor transferred highly classified documents detailing the exploits to a computer running the antivirus software.
The theft is believed to have occurred in 2015 but not discovered until the following year. It reportedly involved details of how the NSA penetrates foreign computer networks and defends networks inside the US.
The report states that it is unclear whether Kaspersky Lab cooperated with the Russian hackers or how the hackers were able to obtain the information from the antivirus product.
The allegations are significant in light of the recent decision by the US Department of Homeland Security to ban all US government departments or agencies from using Kaspersky Labs products on their systems, due to concerns over potential links between Kaspersky Lab, founded by Russian-born Eugene Kaspersky, and the Russian government.
If the report is accurate, it could be one of the motivations behind the decision to issue the ban order.
But in a statement, Eugene Kaspersky again strongly denied having any inappropriate ties to the Russian or any other government, and reiterated his assertion that the company is being caught in the middle of a geopolitical fight between parts of the US government and Russia.
“Kaspersky Lab has not been provided any evidence substantiating the company’s involvement in the alleged incident... and it is unfortunate that news coverage of unproven claims continue to perpetuate accusations about the company,” he said.
“We make no apologies for being aggressive in the battle against malware and cybercriminals... It’s also important to note that Kaspersky Lab products adhere to the cybersecurity industry’s strict standards and have similar levels of access and privileges to the systems they protect as any other popular security vendor in the US and around the world.”
Enterprise AI isn't autopilot: it's cruise control that CISOs need to steer
AI is advancing at such a rapid rate that CISOs need to keep their eyes on the road and hands on...
Why Macs could become an Achilles heel for businesses in 2025
As Macs continue to gain traction in the corporate world, their appeal to cybercriminals will...
Building a critical infrastructure security dream team
Today it's essential to have a strong cyber strategy, with all corners of the business aware...
