Israel hacked Kaspersky, catching Russia using the software to hack US
Theft from US government classified programmes discovered secondhand from state hacking of unwitting security providerPrint
11 October 2017 | 0
Instead of promoting goodwill relations with Israel, US intelligence threw Israeli intelligence under the bus when explaining Israel hacked Kaspersky and caught Russia using Kaspersky to search for US National Security Agency (NSA) exploits and other government classified programmes.
The New York Times reported, “It was a case of spies watching spies watching spies: Israeli intelligence officers looked on in real time as Russian government hackers searched computers around the world for the code names of American intelligence programs.”
Israel told its US buddy about the spying and reportedly provided proof in the form of screenshots and documentation it had access to since it was buried deep into Kaspersky’s network. This is according to unnamed government officials who spoke up on the condition of anonymity due to classification rules.
“The role of Israeli intelligence in uncovering that breach and the Russian hackers’ use of Kaspersky software in the broader search for American secrets have not previously been disclosed,” explained the New York Times.
Israeli intelligence hacked Kaspersky for its own spying purposes in 2014. They told the NSA after watching in real-time as Kremlin’s hackers “aggressively” scanned “for American government classified programs” and pulled “any findings back to Russian intelligence systems.”
The Russian spies were reportedly using Kaspersky Lab’s software as “a sort of Google search for sensitive information.”
The New York Times did not specify exactly what secret American data the Russians stole, but did mention that the Russians made off with classified NSA documents which had been improperly stored on the home computer of an NSA employee; the Washington Post mentioned that in the 2015 case, the NSA TAO employee had been using Kaspersky antivirus on his home computer. Maybe it was documents, but it seems more likely anyone from the TAO (Tailored Access Operations) division would be using NSA hacking tools.
2015 was the same year that Kaspersky Lab reported a cyber-intrusion in its internal systems. The company dubbed the attack Duqu 2.0.
All of this newly revealed hacking and spying occurred over two years, but it was not until last month that the Department of Homeland Security ordered federal agencies to kick Kaspersky products to the curb.
After the New York Times story broke, Eugene Kaspersky, founder of Kaspersky Lab, denied involvement and asked US law enforcement to share relevant facts for an internal investigation.
Kaspersky Lab was not involved in, and does not possess any knowledge of the intelligence operation described in the recent @NYTimes article pic.twitter.com/didzcB0650
— Eugene Kaspersky (@e_kaspersky) October 10, 2017
I am launching internal investigation to cross-check. If US LEA has relevant facts – please share.
When news of PRISM broke in 2013, Google, Microsoft, Apple, Facebook and others hotly denied involvement or knowledge of the NSA’s PRISM surveillance. The companies pushed back for months, refuting that they had given the NSA direct backdoor access, in hopes of stopping customers from jumping ship to do business with other companies not based in the US
If the unnamed intelligence officials told the New York Times the truth, then is not it possible Kaspersky Lab was used by its government in a similar fashion as US companies were used for spying purposes by their own government?
IDG News Service