Israeli Spies Hacked Kaspersky

Uploaded on 2017-10-31 in FREE TO VIEW, INTELLIGENCE--International, NEWS-Cybersecurity News

An Israeli security agency hacked into Russian antivirus firm Kaspersky Lab in 2015, providing the crucial evidence required to ban the company from providing services to the US government.

While the Israeli spies were inside Kaspersky’s systems, they observed Russian spies in turn using the company’s tools to spy on American spies. That information, handed to the US, led to the decision in September to end the use of the company’s software across the federal government by December.

The revelation answers some questions about the unfolding saga around Kaspersky Lab, a previously well-regarded information security firm founded in 1997 by Russian national Eugene Kaspersky. It seems to demonstrate why the US believes Kaspersky software was involved  in the hacking of an NSA contractor in 2015, as well as narrows down the nature of Kaspersky Lab’s supposed involvement in the Russian operation.

But it still leaves many further questions unanswered. Crucially for Kaspersky, the Israeli hack apparently failed to provide enough information to determine whether it was a willing, or even knowing, participant in the Russian espionage.

Kaspersky denies Spying for Russia  

Kaspersky vehemently denies being involved in any Russian spying activities

From spying on the Russian government hackers, Israeli intelligence has discovered that the hackers were using Kaspersky Lab anti-virus software to spy on US spies.

Back in 2015, Israeli intelligence officials hacked into Kaspersky systems and discovered the presence of an improvised search tool used to search computers worldwide for mentions of code names of American intelligence programmes.

While the case of spies spying on spies has only come to light now, the Israeli intelligence officials revealed their findings to the US which moved to ban the use of Kaspersky’s software on US government computers.

The use of this improvised search tool hidden in Kaspersky software appears to have been responsible for classified documents being stolen from the NSA.

It is as yet unclear on whether Kaspersky was involved in aiding the Russian hackers, or if the hackers simply used Kaspersky’s software as a backdoor onto computers worldwide that use the anti-virus.

Given anti-virus software generally has access to almost all the files on a computer in order to scan them for malicious code, a backdoor into it could effectively turn it into a hacker’s super weapon.

Kaspersky says No!

Kaspersky strongly denies any involvement in the hacking, with a spokesperson telling us: “Kaspersky Lab was not involved in and does not possess any knowledge of the situation in question.”

“Kaspersky Lab reiterates its willingness to work alongside US authorities to address any concerns they may have about its products as well as its systems, and respectfully requests any relevant, verifiable information that would help the company in its own investigation to certifiably refute the false accusations.

“Kaspersky Lab has never helped, nor will help, for any government in the world with its cyber-espionage efforts, and contrary to erroneous reports, Kaspersky Lab software does not contain any undeclared capabilities such as backdoors as that would be illegal and unethical.”
 
There is a strong chance that Russian hackers had breached Kaspersky Lab’s software without the cyber security company knowing it. And given such Russian hacking operation were discovered some time ago, there’s a chance that Kaspersky may have patched a backdoor, if it indeed existed, as part of its regular software updates.

It is very likely that more details of the Russian hacking operation will crop up over due course, but as it stands there is only room for speculation and paranoia at the moment.

But Kaspersky Lab chief executive Eugene Kaspersky is willing to work hard to show that his company in innocent in such hacking, as he has said he is willing to give US access to his company’s source code in an attempt to dispel rumours about ties to the Russian government.

Silicon:      Guardian:   Picured: Founder, Eugene Kaspersky

You Might Also Read:

Kaspersky Says We Can Trust Him:

UK National Cyber Security Centre Has Not Certified Kaspersky:

 

« AI Can Guess Your Password
Microsoft Chief Says N. Korea Was Behind 'WannaCry' »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYBERPOL

CYBERPOL

CYBERPOL is the leading Public Utility Agency for investigating cyber crimes and cyber attacks by criminals, international adversaries.

SecWest

SecWest

SecWest is the organizer of CanSecWest, PACSEC, originator of PWN2OWN, security auditing, and virtual engagement/training.

Zymr

Zymr

Zymr specialize in cloud computing solutions including Cloud Security, Cloud Mobility, Cloud Apps, Cloud Infrastructure and Cloud Orchestration.

CyberVista

CyberVista

CyberVista is a cybersecurity training education and workforce development company. Our mission is to eliminate the skills gap by creating job ready professionals.

KOS-CERT

KOS-CERT

KOS-CERT is the national Computer Incident Response Team for Kosovo.

LaoCERT

LaoCERT

LaoCERT is the national Computer Incident Response Team for Laos.

Global Incubator Network Austria (GIN Austria)

Global Incubator Network Austria (GIN Austria)

GIN Austria is the connecting link between Austrian and international startups, investors, incubators and accelerators with a focus on selected hotspots in Asia.

Dataprovider.com

Dataprovider.com

Our Brand Protection Suite gives you the tools to discover trademark infringement on the Internet, such as websites selling counterfeit products, even when this is not immediately noticeable.

UMBRA

UMBRA

UMBRA is solely concerned with protecting governments against Nation State attacks. We are not a consumer or enterprise company.

Corellium

Corellium

Corellium are dedicated to supporting our peers in the ARM community who seek to build more secure, performant, and accessible software and devices.

TopSOC Information Security

TopSOC Information Security

TopSOC Information Security provide a wide range of security consultation, implementation and training services.

Citizen Lab - University of Toronto

Citizen Lab - University of Toronto

Citizen Lab focuses on research and development at the intersection of cyberspace, global security & human rights.

Alpha Mountain AI (alphaMountain)

Alpha Mountain AI (alphaMountain)

alphaMountain provides up-to-date domain and IP intelligence for cybersecurity investigational and protection platforms.

Cyber1

Cyber1

CYBER1 is a leader in cyber security advisory and solutions. We are uniquely placed to help customers achieve cyber resilience and thus, safeguard reputation and value.

National Coordinator for Security and Counterterrorism (NCTV) - Netherlands

National Coordinator for Security and Counterterrorism (NCTV) - Netherlands

The NCTV serves the Netherlands’ national security. We protect national interests, identify threats and strengthen resilience.

SureCloud Cyber Services

SureCloud Cyber Services

Our Cyber Testing capability has been honed since we were founded in 2006 as a disrupter in the penetration testing market.