Kaspersky may have been involved in biggest NSA security breach

It is almost ironic that the government body tasked with security has itself become the victim of a security breach that could have easily been avoided. Then again, the NSA does have a large target painted on its back, whether it likes it or not. It is equally ironic that software designed to keep files safe would be the instrument of such a breach. But for those who do believe in Kaspersky's ties to the Russian government, that's actually not surprising at all.

Details of the breach, which happened back in 2015, are naturally hush-hush, but according to multiple sources familiar with the matter, this is how it went down. A contractor for the NSA brought highly classified material outside of NSA offices to his home computer. State-sponsored Russian hackers were then able to pilfer these files easily from the contractor's relatively unprotected home network. These files contained information on how the NSA infiltrates computer networks of other countries, like Russia, and how it also defends its own networks from spying by other countries, like Russia. In other words, it leaves the NSA not only with fewer capabilities to hack into Russian networks but also less capable of protecting itself from future attacks.

Why and how did alleged Russian hackers target this particular contractor? Apparently, the contractor used Kaspersky's antivirus software on his home computer. Kaspersky has been accused of using very aggressive methods to hunt for and identify malware, creating actual copies of files it finds to be "interesting". Those may have included NSA code and documents describing software that, in practice, acts like malware targeting computer networks of other nations.

Even if Kaspersky did get hold of such files, it isn't established whether it went running to the Kremlin to inform the government of its findings. Kaspersky has long been accused of having close ties with the Russian government, going as far as aiding it in spying on the US government through, as in this case, contractors and ordinary citizens. The security company has vehemently denied such allegations, but that didn't keep it from getting banned from US government use. That ban, however, doesn't extend to contractors, apparently.

The NSA isn't exactly blameless in this incident. If it had exercised stricter controls and checks over files and people who go in and out of its compounds, such a possibility would have been prevented. Sadly, it seems that, even according to former personnel, the NSA, ironically, had lax onsite security.

SOURCE: The Wall Street Journal