tech2 News Staff Oct 06, 2017 08:13 AM IST
In what could be yet another case of a National Security Agency (NSA) contractor's system being hacked, reports are emerging that Russia-backed hackers have been involved in the act. Kasperky Labs' anti-virus software that runs on millions of personal computers around the globe, was found to be running on the contractor's system. Reports are claiming that it may have helped Russian spies in gaining access to some critical information.
According to a report by The Wall Street Journal (WSJ), Russian government spies were reportedly able to gain access to the NSA contractor's home PC, on which he had stored confidential NSA documents.
While it seems like an error on the part of the government contractor for carrying classified code, documentation home to begin with, Kaspersky's reputation for building anti-virus software could be at stake. This confidential code reportedly contained a number of NSA tools and exploits, ones that could be used to penetrate foreign computer networks and even protect against certain cyber attacks.
But, how the hackers extracted the files out of the said government contractor's system remains unknown.
If the above is to be believed, it also means that Russian government had copies or knowledge about the NSA's tools and exploits to begin with and that Kaspersky's anti-virus software (with an unknown loophole) may have helped those hackers get complete knowledge of what they were looking for.
In another story by The Washington Post, the employee who may have unknowingly helped in leaking out the data had worked at the NSA's Tailored Access Operations unit, until he was fired in 2015. Trying to connect the dots, The Washington Post also added that this could be the same individual who was arrested back in 2015 for walking out with about 50 terabytes confidential data. Harold T. Marton III was arrested by the FBI, but never identified.
According to Reuters, the NSA declined to comment citing agency policy, which prevents the organisation commenting on its "affiliates or personnel issues".
So far, none of the reports have been verified and are based on unnamed sources. Kaspersky had earlier denied allegations of helping the Kremlin conduct espionage. Products made by Kaspersky Labs were banned from US networks just last month over suspicion of the same.
New conspiracy theory, anon sources media story coming. Note we make no apologies for being aggressive in the battle against cyberthreats
— Eugene Kaspersky (@e_kaspersky) October 5, 2017
Kaspersky has put out a statement saying, "Kaspersky Lab has not been provided any evidence substantiating the company's involvement in the alleged incident reported by the Wall Street Journal on 5 October, 2017, and it is unfortunate that news coverage of unproven claims continue to perpetuate accusations about the company. As a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight."
According to The Register, Matthew Hickey, the co-founder of British security concern Hacker Shop, Kaspersky could be blameless in the whole situation as the security software was just doing its job. According to him, Kaspersky has detected many NSA tools being used in the wild, and the FSB (the Russian spy agency) could be knowing that. "The Kaspersky statement holds no punches and makes it clear they don't cooperate with governments. I'm inclined to believe them, their software is top grade at detection of new threats, and is notoriously difficult to bypass," said Hickey.
Another cybersecurity expert Matt 'Pwn all the Things' Tait, the case sounds more like Kaspersky doing a basic tracking of an advanced perception threat than doing surveillance for Russian hackers.