Kaspersky, the NSA and Congress...
a pattern is emerging
https://www.wsj.com/articles/russian-hackers-stole-nsa-data-on-u-s-cyber-defense-1507222108
JoeUser Forums
Spy vs. Spy vs. Spy. "Who's on first?"...one's tempted to ask.
How did it all get started? This incendiary piece. Summary:
"The unnamed contractor removed the material from the NSA and stored it on a home computer that ran a version of Kaspersky AV. The material, according to the unnamed sources, included "details about how the NSA penetrates foreign computer networks, the computer code it uses for such spying, and how it defends networks inside the US." Sometime in 2015, the material was stolen by Russia-sponsored hackers who "appear to have targeted the contractor after identifying the files through the contractor's use" of the Kaspersky AV. The breach was discovered in the first three months of 2016.
The post continued:
US investigators believe the contractor's use of the software alerted Russian hackers to the presence of files that may have been taken from the NSA, according to people with knowledge of the investigation. Experts said the software, in searching for malicious code, may have found samples of it in the data the contractor removed from the NSA.
But how the antivirus system made that determination is unclear, such as whether Kaspersky technicians programed the software to look for specific parameters that indicated NSA material. Also unclear is whether Kaspersky employees alerted the Russian government to the finding.
Investigators did determine that, armed with the knowledge that Kaspersky's software provided of what files were suspected on the contractor's computer, hackers working for Russia homed in on the machine and obtained a large amount of information, according to the people familiar with the matter." - WSJ
The history's a bit longer though:
In September 2015, Google Project Zero researcher Tavis Ormandy said his cursory examination of Kaspersky AV exposed multiple vulnerabilities that made it possible for attackers to remotely execute malicious code on computers that ran the software. If the hackers had knowledge the NSA contractor was using the Kaspersky AV, it's at least feasible they exploited those vulnerabilities or similar ones to identify the sensitive materials and possibly also steal them. - Ars Technica
They were subsequently patched, as were defects (similar) in other security software). In July 2016, along with Wikileaks material and actual hacking tools caused Congress to request material on Kaspersky from various agencies, and wanted to bar the Pentagon from using Kaspersky's software. Now, all agencies (the whole Federal gov't.) forbidden to use Kaspersky's software on any of its computers.
My pov? Let's go back to the beginning: How did a contractor get the NSA files onto his computer (which also had Kaspersky software)? Seems to me NSA's security sucks, too...not just the whole leaky sieve that is the US government.
Some biographic info on Kaspersky: Eugene Kaspersky studied cryptography, programming and mathematics at an academy operated by the KGB, the FSB’s Soviet-era predecessor, then worked for the Ministry of Defense. Well, that's the way Russia works...
At the risk of angering Jafo, I'm not getting Kaspersky on my machines...not that I think the Russians give a tinker's damn about me, any more than any other American citizen.
Sources:
https://www.wsj.com/articles/russian-hackers-stole-nsa-data-on-u-s-cyber-defense-1507222108
WinCustomize Forums
GalCiv3 Forums
Stardock Forums
