Russian Hackers Breach NSA Cyber Program Via Agency Contractor, Kaspersky Vulnerability

Russian Hackers Breach NSA Cyber Program Via Agency Contractor, Kaspersky Vulnerability

USA authorities believe the alleged theft, first reported by the Wall Street Journal on October 5, may have been carried out by exploiting antivirus software made by the Moscow-based company Kaspersky Lab, several media outlets cited unidentified sources as saying.

Presuming that Kaspersky software was actually utilized in the hack, there is a perfectly reasonable alternative theory - that Russian Federation itself hacked the company to gain access to the data it was gathering and we know Kaspersky was hacked in 2015, the same year the NSA contractor was allegedly hacked.

"Kaspersky Lab has not been provided any evidence substantiating the company's involvement in the alleged incident reported by the Wall Street Journal on October 5, 2017, and it is unfortunate that news coverage of unproven claims continues to perpetuate accusations aimed at the company", the statement said.

In a statement, Kaspersky CEO Eugene Kaspersky said his company "has not been provided any evidence substantiating the company's involvement in the alleged incident".

Suspicions against Kaspersky Lab products aren't a recent phenomenon in the USA and have been ongoing for years.

These documents provide details on how our government agencies get into "foreign computer networks" and how we defend ourselves "against cyberattacks".

It is believed that the victim (name concealed owing to security concerns), despite knowing that it is an serious criminal offence to stash government data at home, had stored huge caches of critical security data in his personal computer to work on important cases after work. Those may have included NSA code and documents describing software that, in practice, act like malware targeting computer networks of other nations. The Department of Homeland Security ordered civilian agencies to identify Kaspersky Lab software on their networks and remove it after 90 days unless otherwise directed.

Dmitry Peskov, the Kremlin's top spokesman, slammed the US government for "undermining the competitive positions of Russian companies on the world arena" in a statement to the paper, but didn't say if Moscow paid hackers to steal the intelligence. All it did was raise even more suspicions, and should have had everyone checking to ensure that their computers didn't have Kaspersky on them.

And it's the first reported time a hacker used Kaspersky's software to spy on a USA agency.

A spokesman for the NSA would not comment on the security breach.

Kaspersky Labs has millions of users around the world and is among NPR's corporate underwriters.

The alleged use of Kaspersky's antivirus software adds fuel to an ongoing dispute between it and the United States government.

Kaspersky Lab said in a statement it "does not have inappropriate ties to the Russian government". The NSA, however, has had no prohibitions on it being used on employees' private home computers.

A former senior intelligence official told NBC News the NSA worker put the information on a computer that used Kaspersky anti-virus software.