Israel hacked Kaspersky, then tipped the NSA that its tools had been breached

 In World
In 2015, Israeli government hackers saw something suspicious in the computers of a Moscow-based cybersecurity firm: hacking tools that could only have come from the National Security Agency.

Israel notified the NSA, where alarmed officials immediately began a hunt for the breach, according to people familiar with the matter, who said an investigation by the agency revealed that the tools were in the possession of the Russian government.

Israeli spies had found the hacking material on the network of Kaspersky Lab, the global anti-virus firm under a spotlight in the United States because of suspicions that its products facilitate Russian espionage.

Last month, the Department of Homeland Security instructed federal civilian agencies to identify Kaspersky Lab software on their networks and remove it on the grounds that “the risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.” The directive followed a decision by the General Services Administration to remove Kaspersky from its list of approved vendors. And lawmakers on Capitol Hill are considering a governmentwide ban.

After the U.S. banned federal agencies from using Kaspersky Lab software in September, citing concerns over its ties with Russian intelligence services, Kaspersky spokesman Anthon Shingarov called the move a “part of a geopolitical game.” (Associated Press)

The NSA declined to comment on the Israeli discovery, which was first reported by the New York Times.

Kaspersky said in a statement that “as a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight.” The company said it “does not possess any knowledge” of Israel’s hack.

The firm’s founder, Eugene Kaspersky, said in a blog post last week that his anti-virus software is supposed to find malware from all quarters.

“We absolutely and aggressively detect and clean malware infections no matter the source,” he wrote, suggesting that the NSA hacking tools could have been picked up as malware by the anti-virus program.

In the 2015 case, investigators at the NSA examining how the Russians obtained the material eventually narrowed their search to an employee in the agency’s elite Tailored Access Operations division, which comprises hackers who collect intelligence about foreign targets. The employee was using Kaspersky anti-virus software on his home computer, according to the people familiar with the matter.

The employee, whose name has not been made public and is under investigation by federal prosecutors, did not intend to pass the material to a foreign adversary. “There wasn’t any malice,” said one person familiar with the case, who, like others interviewed, spoke on the condition of anonymity to discuss an ongoing case. “It’s just that he was trying to complete the mission, and he needed the tools to do it.”

Concerns about Kaspersky have also emerged in the cybersecurity industry, where some officials say that the firm’s software has been used not just to protect its customers’ computers but also as a platform for espionage.

Recent Posts
Get Breaking News Delivered to Your Inbox
Join over 2.3 million subscribers. Get daily breaking news directly to your inbox as they happen.
Your Information will never be shared with any third party.
Get Latest News in Facebook
Never miss another breaking news. Click on the "LIKE" button below now!