Just a few months ago, a team of security researchers from SafeBreach demonstrated how several popular antiviruses could be exploited to make them spy tools. Today it is revealed that Russian computer hackers who have taken over data from the digital arsenal of the NSA could have proceeded exactly this way.
An NSA staff member downloaded a cache of classified information from US government systems and then loaded it on his personal computer. This computer, according to sources, used Kaspersky antivirus. It should be noted that NSA staff members have never been allowed to use the software, but imposing such a restriction can be almost impossible when it comes to personal computers.
The Kaspersky antivirus has long had the reputation of aggressively scanning computers, on the pretext of protecting them from unknown threats. The founder Eugene Kaspersky defended this mode of operation in the past. In this case, the software may have scanned the stolen documents from the NSA. It was from there that the Pandora's box opened. The Russian pirates, alerted to the situation of the files, then focused their efforts on the personal computer of the anonymous member of the NSA.
SafeBreach Research Vice-President Amit Klein said the action of his research team had "exfoliated any arbitrary data." He also has no restriction on the type of data that can be collected. "If SafeBreach was able to do this, it is appropriate to assume that competent, highly-funded and state sponsored hackers can do exactly the same. The action of diverting a batch of digital documents should not be of great difficulty for them.
The fact that the Kaspersky software could have directed the hackers to the victim's computer does not confirm the complicity or not of Kaspersky Labs. Indeed, the company itself refuted the accusations against it on several occasions.
It is possible that the company was merely buffered and that its software was then operated by the FSB (security service of the Russian Federation). The US Department of Homeland Security (DHS) put forward this possibility in its statement of 13 September by saying that "the Russian government, whether acting alone or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems ... "
Kaspersky's role remains unclear. What is clear, on the other hand, is the DHS's determination to make it impossible for foreign pirates to exploit a fault such as that which led to one of the most serious leakages of classified information ever 'so.
This post recieved an upvote from minnowpond. If you would like to recieve upvotes from minnowponds team on all your posts, simply FOLLOW @minnowpond.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit