Security

Kaspersky Lab Denies Involvement in Russian Hack of NSA Contractor (theguardian.com) 76

Moscow-based cybersecurity firm Kaspersky Lab has hit back at a report in the Wall Street Journal which accused it of being involved in a Russian government hack of an NSA contractor in 2015. From a report: The paper reported on Thursday that the NSA contractor, a Vietnamese national who was working to create replacements for the hacking tools leaked by Edward Snowden, was hacked on his personal computer after he took his work home. There, the report says, the contractor's use of Kaspersky's antivirus software "alerted Russian hackers to the presence of files that may have been taken from the NSA." Once the machine was in their sights, the Russian hackers infiltrated it and obtained a significant amount of data, according to the paper. Calling the allegations "like the script of a C movie," Eugene Kaspersky, the infosec firm's founder, gave his own explanation of what might have happened. Mr Kaspersky vehemently denied that his company had played any active role in the breach, noting: "We never betray the trust that our users put into our hands. If we would do that a single time that would be immediately spotted by the industry and our business would be done." Instead, he implied that the root of the problem was that Kaspersky Lab had correctly identified the hacking tools the contractor was working on as malware -- perhaps through Kaspersky Lab's own research into the Equation Group, a "sophisticated cyber espionage platform" believed to be linked to the NSA.
  • by Anonymous Coward
    The Kaspersky Labs campus has a mysterious building that is off limits to all employees except a select few with very close government ties and high security clearances. All products must be approved by the black building for release to the public. Nobody knows what exactly goes on in that building, just that it is where the products must be reviewed before their release and that there are a lot of black SUVs that come and go.
  • I'm honestly torn between a corporation's invasion of personal privacy on one hand, and the anger from the NSA that it identifies their hacking tools as malware and helps remove their backdoors. You can't really win as antivirus software is never good and you can be certain no one really has your best interests in mind.
  • by hyades1 ( 1149581 ) <hyades1@hotmail.com> on Friday October 06, 2017 @09:21AM (#55321299)

    "Instead, [Kaspersky] implied that the root of the problem was that Kaspersky Lab had correctly identified the hacking tools the contractor was working on as malware..."

    Given the circumstances, this may be the best unintentionally ironic example ever of the well-worn meme, "It's not a bug, it's a feature."

  • The story smells (Score:3, Insightful)

    by guruevi ( 827432 ) on Friday October 06, 2017 @09:43AM (#55321447)

    a) A contractor was allowed to take his work home on an unencrypted, unsecured laptop
    b) The contractor was a foreign national (hint: you can't get top secret clearance unless you're a US citizen)
    c) The contractor created viruses and malware directly in his "core" work environment, where I suppose he also keeps his e-mail and other stuff, not in a VM
    d) The NSA then also installed Kaspersky even though the NSA has quite publicly said Kaspersky is all sorts of bad (unsubstantiated)

    So the crux of the story:
    1) NSA is lying
    2) NSA is incompetent
    3) Both

    • The software was on his personal computer.
      So a, does not apply; b, don't know; c, not the case, he stole copies of the software and installed on personal computer; d, personal computer so he installed Kaspersky.
      So none of the cruxes apply.
      • by guruevi ( 827432 )

        a still applies because after Snowden they still allow people to take stuff on personal devices
        b is in the summary
        c is in the summary, again, a contractor that creates hacking tools conveniently doesn't know that carrying around malware in your hypervisor environment is bad?

    • by chill ( 34294 )

      Wow. You're either:

      A) illiterate
      B) lying sack of shit
      C) didn't read the story
      D) All of the above

      Because...

      a) The contractor was NOT allowed to take the work home. The story states it was both a violation of NSA rules and a possible criminal action and is being investigated.
      b) The story doesn't say anything about the nationality of the contractor.
      c) The story doesn't say anything of the sort.
      d) No, the story says EXACTLY THE OPPOSITE.

      NSA employees and contractors never had been authorized to use Kaspersky so

      • by guruevi ( 827432 )

        I read the following:

        The paper reported on Thursday that the NSA contractor, a Vietnamese national who was working to create replacements for the hacking tools leaked by Edward Snowden, was hacked on his personal computer after he took his work home.

    • Another theory: The NSA suspected a Russian agent. They suspected someone at Kaspersky. So they set up a test: Put Kaspersky on a laptop, put something valuable on the laptop that would be found by Kaspersky AntiVirus, then wait and see what happens.
      The result is they successfully baited out the hacker.

      Alternative theory: The NSA wanted to discredit Kaspersky, so they put something on the laptop that they knew Kaspersky antivirus would find. Maybe Kaspersky automatically downloaded that file, and now the N

  • by guygo ( 894298 ) on Friday October 06, 2017 @09:59AM (#55321589)
    OK, so if - as Gene says - there was just a flag that malware existed on a given computer, and that flag made it all the way back to Kaspersky Central's servers, how did that flag then get to the people who entered the computer and copied the files? That step seems to indicate some kind of inside job and/or collusion between Kaspersky and the black hatters, n'est-ce pas? So even if Gene and what he thinks is his company were totally sincere (something I doubt is confirmable for any KGB-trained human) in his denials, that log that contained that flag got into the hands of the bad-actors, and Kaspersky IS responsible for THAT.
  • Damn, looks like the U.S. gov really wants to discredit Kaspersky.

  • by tomhath ( 637240 ) on Friday October 06, 2017 @11:00AM (#55322027)

    The story is that Russian hackers stole documents from the contractor's laptop, which he had stolen from NSA.

    What I haven't seen is how NSA learned that the Russians obtained that information, and how do they know it came from a compromised Kaspersky installation on that particular guy's laptop?

    It sounds like all the spooks are hacking each other.

    • by MobyDisk ( 75490 )

      Or it was a setup. The NSA created a fake virus, then planted it on a laptop that ran Kaspersky. Then they listened to the underground to see if someone reported finding a new NSA developed virus.

    • by AHuxley ( 892839 )
      Re "What I haven't seen is how NSA learned that the Russians obtained that information"
      The US gov created some new file that acts like malware in the wild when lost or activated at home.
      All part of the digital contractor buddy system upgrades. Files that report if they get taken outside of any secure US mil/gov location.
      Such prepared file actions would have been detected by any good AV app as new malware in the wild.
      The AV app reports a new sample of unexpected malware code in the OS.
      The US gov notes
  • A.) If you aren't a US government employee you should probably have Kaspersky installed on your machine for security reasons. B.) The government has started recruiting foreign nationals to develop cyber espionage software. Not surprising since they have many more options available for silencing recruits that decide they want to go public and since they aren't protected by the US Constitution they can pretty much do whatever they want with them; in secret of course. Yikes!
  • I use Kaspersky at home. During my research, I looked up what malware Kaspersky Labs had discovered and wanted to see if they'd be bold enough to uncover any Russian state sponsored malware - there weren't any, while they did discover several with links back to NSA and Israel - interesting, but didn't think much more of it.

    Best case scenario is that Kaspersky do not have ties to government, but they're not stupid enough to reveal Russian state sponsored malware either (if they did so publicly, I can't ima
