Posted on October 9, 2017 at 4:32 AM
Russian Hackers Steal Classified NSA Data
The NSA suffered their fourth data breach due to Russian hackers. Kaspersky Labs has been accused of being involved.
Russian hackers managed to steal classified NSA cyberweapons. The theft took place using the home computer of an NSA contractor after the contractor stored the classified information on his computer. The theft is thought to have taken place in 2015, but was only discovered in 2016.
The Wall Street Journal reported that the responsible hackers stole confidential data from the NSA by exploiting Kaspersky’s antivirus software which the NSA contractor was using at the time. According to the report, the stolen information included details on NSA’s offensive and defensive hacking tools and the computer code it uses for espionage.
The Wall Street Journal referred to many unnamed US officials who believed that the Russian hackers were able to access the NSA information after they’ve been informed that the contractor was using Kaspersky software. There have also been officials who implied the likelihood of Kaspersky employees being involved in the information theft.
After these claims, the founder of Kaspersky, Eugene Kaspersky, swiftly denied all allegations of the security firm’s involvement in the attack.
New conspiracy theory, anon sources media story coming. Note we make no apologies for being aggressive in the battle against cyberthreats
— Eugene Kaspersky (@e_kaspersky) October 5, 2017
OK, here is our official statement re the recent article in WSJ. pic.twitter.com/rdH6YcsZBZ
— Eugene Kaspersky (@e_kaspersky) October 5, 2017
The firm itself also retaliated by releasing an official stated that firmly denied any involvement in the theft. The statement emphasized the fact that the firm had no hand in providing any hackers with information and that currently there is no evidence to support the claim. The Kaspersky firm continued to voice its disappointment that news agencies continue to perpetuate allegations against the company which they could not prove.
In the statement, Eugene Kaspersky emphasized that their software will always immediately inform the affected clients if it ever does pick up any identified threat or malware within minutes. The client will then always immediately receive immediate protection.
The report from the Wall Street Journal immediately stirred an already heightened scrutiny from US authorities on the Kaspersky’s role in enabling Russian hackers. During September, the US Department of Home Security (DHS) gave instruction to all US intelligence agencies to immediately stop using Kaspersky’s software. Several retailers have also discontinued stocking the security firm’s software such as Best Buy.
Despite the increasing concern from US authorities surrounding Kaspersky Labs and their alleged ties to the Russian administration, the US has still not provided any evidence on which they can base their claims.
For record, there’s again no evidence re Kaspersky. It is evidence NSA continues to practice poor security+ doesn’t realise data is leaking.
— Kevin Beaumont ? (@GossiTheDog) October 5, 2017
In the same year of the theft, 2015, security researcher from Google’s Project Zero, Travis Ormandy discovered several vulnerabilities in Kaspersky antivirus software which could enable hackers to remotely infiltrate a computer and execute code on a computer that runs the software.
Since this reveal, Kaspersky has patched all the vulnerabilities. According to ArsTechnica, Kaspersky’s involvement in the NSA theft is not that unlikely.
Despite these claims, there is still a lot of uncertainty as to Kaspersky’s exact involvement in the theft. The report of the latest attack has brought the NSA under scrutiny once again, as this attack marks the fourth data breach that the NSA has suffered due to an insider accessing classified data.
In 2016, the NSA contractor, Harold Martin was arrested for saving classified information on his home computer. In, 2015, an unnamed NSA official was arrested on suspicion of leaking classified information. However, these arrests have not yet been linked to the latest theft.
The hacker group, Shadow Brokers, have also not yet been named to be under suspicion for the latest theft.
