Israeli Spies Hacked Kaspersky

Uploaded on 2017-10-31 in FREE TO VIEW, INTELLIGENCE--International, NEWS-Cybersecurity News

An Israeli security agency hacked into Russian antivirus firm Kaspersky Lab in 2015, providing the crucial evidence required to ban the company from providing services to the US government.

While the Israeli spies were inside Kaspersky’s systems, they observed Russian spies in turn using the company’s tools to spy on American spies. That information, handed to the US, led to the decision in September to end the use of the company’s software across the federal government by December.

The revelation answers some questions about the unfolding saga around Kaspersky Lab, a previously well-regarded information security firm founded in 1997 by Russian national Eugene Kaspersky. It seems to demonstrate why the US believes Kaspersky software was involved  in the hacking of an NSA contractor in 2015, as well as narrows down the nature of Kaspersky Lab’s supposed involvement in the Russian operation.

But it still leaves many further questions unanswered. Crucially for Kaspersky, the Israeli hack apparently failed to provide enough information to determine whether it was a willing, or even knowing, participant in the Russian espionage.

Kaspersky denies Spying for Russia  

Kaspersky vehemently denies being involved in any Russian spying activities

From spying on the Russian government hackers, Israeli intelligence has discovered that the hackers were using Kaspersky Lab anti-virus software to spy on US spies.

Back in 2015, Israeli intelligence officials hacked into Kaspersky systems and discovered the presence of an improvised search tool used to search computers worldwide for mentions of code names of American intelligence programmes.

While the case of spies spying on spies has only come to light now, the Israeli intelligence officials revealed their findings to the US which moved to ban the use of Kaspersky’s software on US government computers.

The use of this improvised search tool hidden in Kaspersky software appears to have been responsible for classified documents being stolen from the NSA.

It is as yet unclear on whether Kaspersky was involved in aiding the Russian hackers, or if the hackers simply used Kaspersky’s software as a backdoor onto computers worldwide that use the anti-virus.

Given anti-virus software generally has access to almost all the files on a computer in order to scan them for malicious code, a backdoor into it could effectively turn it into a hacker’s super weapon.

Kaspersky says No!

Kaspersky strongly denies any involvement in the hacking, with a spokesperson telling us: “Kaspersky Lab was not involved in and does not possess any knowledge of the situation in question.”

“Kaspersky Lab reiterates its willingness to work alongside US authorities to address any concerns they may have about its products as well as its systems, and respectfully requests any relevant, verifiable information that would help the company in its own investigation to certifiably refute the false accusations.

“Kaspersky Lab has never helped, nor will help, for any government in the world with its cyber-espionage efforts, and contrary to erroneous reports, Kaspersky Lab software does not contain any undeclared capabilities such as backdoors as that would be illegal and unethical.”
 
There is a strong chance that Russian hackers had breached Kaspersky Lab’s software without the cyber security company knowing it. And given such Russian hacking operation were discovered some time ago, there’s a chance that Kaspersky may have patched a backdoor, if it indeed existed, as part of its regular software updates.

It is very likely that more details of the Russian hacking operation will crop up over due course, but as it stands there is only room for speculation and paranoia at the moment.

But Kaspersky Lab chief executive Eugene Kaspersky is willing to work hard to show that his company in innocent in such hacking, as he has said he is willing to give US access to his company’s source code in an attempt to dispel rumours about ties to the Russian government.

Silicon:      Guardian:   Picured: Founder, Eugene Kaspersky

You Might Also Read:

Kaspersky Says We Can Trust Him:

UK National Cyber Security Centre Has Not Certified Kaspersky:

 

« AI Can Guess Your Password
Microsoft Chief Says N. Korea Was Behind 'WannaCry' »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Sophos

Sophos

Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyberthreats.

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA) is a non-profit organization dedicated to leading a diversified research agenda in the field of cyber conflict.

Portnox

Portnox

In 2007, Portnox set out to create one of the world’s easiest to use, most loved, value-driven network security solutions — and our customers will tell you we’ve succeeded.

AcceptLocal

AcceptLocal

AcceptLocal is a payments industry consultancy with expertise in payment processing, payment security, anti-money laundering and fraud prevention.

Avast Software

Avast Software

Avast Software is a security software company that develops antivirus software and internet security services.

Intensity Analytics

Intensity Analytics

Intensity Analytics is a software firm that develops next-generation, physical user and entity behavioral authentication ("physical UEBA") security software technology.

Plurilock Security Solutions

Plurilock Security Solutions

Plurilock is a real-time cybersecurity solution that uses artificial intelligence to identify, prevent, and eliminate insider threats.

Sabat Group

Sabat Group

Sabat Group provide relationship-driven information security & cyber security recruiting services.

Security Management Partners (SMP)

Security Management Partners (SMP)

Security Management Partners (SMP) is a trusted partner to financial services, healthcare and businesses that need to manage their information, securely.

Hyperion Gray

Hyperion Gray

Hyperion Gray are a small research and development team focused on innovative work in a variety of areas including Software & Security Research, Penetration Testing, Incident Response, and Red Teaming

Mitigate Cyber

Mitigate Cyber

Mitigate Cyber (formerly Xyone Cyber Security) offer a range of cyber security solutions, from threat mitigation to penetration testing, training & much more.

Jit

Jit

Jit empowers developers to own security for the product they are building from day zero.

rSolutions

rSolutions

rSolutions delivers managed cybersecurity services to clients in many industry sectors including financial services, telecommunications, energy, government and retail.

RealDefense

RealDefense

RealDefense develops and markets various privacy, security and optimization technologies and services for consumers and small businesses.

ACDS (Advanced Cyber Defence Systems)

ACDS (Advanced Cyber Defence Systems)

ACDS was founded in the belief that cyber security can be done better. We’re combining emerging technologies and proven methods to bring a new approach to tackling the growing threat landscape.

Secure Enterprise Engineering (SEE)

Secure Enterprise Engineering (SEE)

SEE provides disruptive cybersecurity system engineering, architecture, and operational capabilities to make our customer’s missions execute faster, smarter, and more securely.