Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kaspersky Explains Why They Won't Say Who Hacked Them

Posted by timothy on from the oh-that-rings-true dept.

New submitter ChannelGonzo writes: Larry Walsh at Channelnomics scores the scoop in a Q&A with Kaspersky's Chris Doggett who says it's not the Russian security company's job to figure out who is responsible for a sophisticated cyber attack on its corporate network over the past few months. "We believe that to go beyond our area of expertise and speculate on the possible sources of attacks is not in the best interest of our customers," Doggett said.

28 of 124 comments (clear)

  1. TL;DR by OverlordQ · · Score: 2, Insightful

    We wont say, because if we do, we'll look bad.

    --
    Your hair look like poop, Bob! - Wanker.
  2. I say that they say... by antiperimetaparalogo · · Score: 4, Interesting

    Well, sometimes you can say somethings by saying "i won't say"... i think many of us can understand that they already said who they think those who hacked them were - i understand that as an international company they try to avoid any nationalistic references because it is really bad for business, especially when most of your clients will consider it as an attack to them personaly.

    --
    Antisthenes: "Wisdom begins by examining the words/names." - excuse my English, i am (slightly...) better with my Greek!
  3. Putin's cyber henchmen obviously by YouGotTobeKidding · · Score: 2, Interesting

    They wont say because if they do they will all have mysterious 'accidents'....just like happened to Putin's enemies in the past. http://www.cnn.com/2015/03/03/... http://www.theglobeandmail.com... http://www.businessinsider.com...

  4. Duh by penguinoid · · Score: 3, Funny

    Obviously it's for reasons which have nothing to do with the truth being embarrassing.

    --
    Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
  5. Sorry what is their area of expertise by presidenteloco · · Score: 2, Funny

    again?

    --

    Where are we going and why are we in a handbasket?
    1. Re:Sorry what is their area of expertise by Anonymous Coward · · Score: 2, Insightful

      More specifically, security software.
      If they don't know how to perform an investigation when security has been breached, then I don't know how they can perform their roles as security experts.

    2. Re:Sorry what is their area of expertise by Tablizer · · Score: 5, Informative

      A: Not ticking off Putin.

      --
      Table-ized A.I.
  6. NSA by jinchoung · · Score: 5, Insightful

    i would be shocked if NSA weren't involved.

    1. Re:NSA by Opportunist · · Score: 2

      What's to gain? The NSA ain't some Dr-Evil kinda organizations doing evil stuff for the sake of being evil, that's more a bonus value to them. First and foremost they aim for more power.

      What's in it for them if they pwn an antivirus corporation? And of all the targets, why Kaspersky? I don't know the inner workings of the companies, but if the quality of their product reflects in any way their competence, McAfee would not only be a far easier but, considering their corporate clients, far more interesting target.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re:NSA by evilrip · · Score: 3, Informative

      Plenty to gain; Kaspersky is installed all over parts of the world that in high interest and these did find stuxnet out. Probably they decided it was better to use them as access vector instead of a worm that could spin out of control.

      --
      "To err is human, to forgive, beyond the scope of the Operating System"
  7. *sigh* Idiots! The net is so damn full of em...... by TiggertheMad · · Score: 4, Insightful

    You analysis of the article seems flawed. They say pretty clearly that they don't reveal information that might hamper criminal investigations, and that they are talking to authorities in the appropriate jurisdictions.

    tl,dr? THEY CANT SAY BECAUSE, COPS ARE DOING COP STUFF.

    --

    HA! I just wasted some of your bandwidth with a frivolous sig!
  8. Someone with money by Iamthecheese · · Score: 5, Insightful

    People were poopooing the virus, but I think that's because they didn't read the report.

    This is a highly sophisticated polymorphic virus using multiple forms of encryption in multiple layers against multiple attack vectors. It's really a piece of work. I don't know why someone would write it and then use it directly against Kaspersky but whoever did it had the cash to hire some very clever people, or was a team of programmers with a genius at the helm and amazing opsec.

    Considering the sophistication of the virus I think it would be silly to speculate about who wrote it: whoever it is had to spend a good deal of effort covering their tracks and could easily have compromised multiple third parties just to create red herrings.

    --
    If video games influenced behavior the Pac Man generation would be eating pills and running away from their problems.
    1. Re:Someone with money by PopeRatzo · · Score: 2

      I'm with you. I expect a company to be completely transparent about the products they sell, and their business practices. When they are the victim of a crime I expect them to protect themselves.

      I'm pretty sure there's more to this story than we're getting at the moment. I'll stay tuned and defer judgement.

      --
      You are welcome on my lawn.
    2. Re:Someone with money by drinkypoo · · Score: 2

      If you excuse me, I go shop for more tinfoil before it's too late...

      You have plenty of perspective, but forgot to look in both directions.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    3. Re:Someone with money by Opportunist · · Score: 2

      What other direction is there? Who else, what other "power", has the means and skills to do something like that?

      ISIS/terror groups? Please. Yes, they have a handful of skilled computer people but they are not only few and far between, they are also FAR from having the necessary organization. Plus, it's not their style, they're for shock and awe, not cloak and dagger.

      Russia? Half of the staff of K formerly worked for the KGB or other groups, and as Putin once said, there ain't such a thing as a former KGB. If the Russian government wanted something from K, I am fairly sure it would not have required a letter, a simple informal meeting over some tea would have sufficed.

      China? Maybe the only power with the means and capability, but what's in it for them? Russia is no market, Russian companies are no competitors. Plus they want Russian oil, certainly not a good time to piss them off.

      What else is there but the "western world" with the means, organizational structure, capability and motivation to do something like that?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  9. Re:DUHHHHH by Opportunist · · Score: 5, Funny

    Why not us for a change? Dammit, the Russians and Chinese don't have the monopoly on being able to hack something, ya know?

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  10. Re:Losing faith by Opportunist · · Score: 5, Funny

    Now, now. They fucked up, but that's no reason to start name calling. It's not ok to call a security company Norton. NO matter how much they fucked up.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  11. Re:DUHHHHH by elwinc · · Score: 5, Interesting

    Whoever hacked Kaspersky was probably hunting moles. From the outside, it looks as if Kaspersky has been positively brilliant, revealing state level actors, cracking stuxnet, duqu, & duqu2. But what if some other state level actor had been feeding Kaspersky? What if spies, not security researchers, told Kaspersky where to look? It would be worth a lot for the authors of stuxnet etc to be able to confirm or deny that Kaspersky worked without help. That's the best reason I can see for hacking into Kaspersky.

    --
    --- Often in error; never in doubt!
  12. Internet security is hard... by NotQuiteReal · · Score: 3, Funny

    If I do it standing up, I am "safe", right?

    --
    This issue is a bit more complicated than you think.
  13. Re:they won't say because.... by PopeRatzo · · Score: 2, Interesting

    They don't want to be killed by US agents.

    The Mossad don't work for the US. It's the other way around.

    --
    You are welcome on my lawn.
  14. They Did Say Indirectly by Anonymous Coward · · Score: 4, Interesting

    I read the report and they were clear without saying directly.

    1. From compile dates the office work week was Sunday to Friday.
    2. There was much less activity on Friday and no activity on Saturday.
    3. The time zone was UTC+2 hours

    That is code for Israel. They could not be any clearer withut saying it directly.

    1. Re:They Did Say Indirectly by tgv · · Score: 2

      Turkey and Egypt would fit the bill too, I believe. The whole region doesn't work on Saturday.

  15. FTFS: "We are not cops." by ihtoit · · Score: 2

    ...is basically what they're saying. And they're right, they're not cops, they're not investigators. They're a software company.

    THAT SAID:

    From what I can gather, the "hack" was in the form of a highly complex payload which used multiple vectors. This isn't script kiddy stuff, this is planned and executed with a LOT of money behind it. Less likely to be a disgruntled employee or a pissed off customer, more likely to be a state player or rival with knowledge of the network. They might start by discussing with the police, the identities of those outside the company that the employees from the Directors to the janitors talk to about work, then run backgrounds on those people. I would not be too surprised (though the evidence is currently lacking to back up my position) if this were the work of British or American foreign intelligence - DoD, CIA or MI6. I don't think the FSB would be up for this since it's a Russian company with clear access to computers all over the world by simple virtue of the ubiquitous nature of its software. It wouldn't make the GRU very happy to suddenly find a potential backdoor to millions of computers suddenly slammed shut by a sister agency. Who else? Israel? I doubt it, what motive would they have? Besides, they're too busy killing Palestinians. Though looking at the Wired article, it would appear that suspicion is heavily on Israel with the toolkit being identified - and sharing a lot of common code - as a Duqu derivative with some Stuxnet code in there as well, which they're calling Duqu 2.0. This article does not agree with the one referenced in TFS, in that Kaspersky is reported to not actually know how much data has been stolen but they do know it's a significant amount and specific in nature.

    --
    Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
  16. Re:No one wins by CBravo · · Score: 2

    I rewrote that for you:

    Announcing to the world that you've been infiltrated by [major unknown party] is a decision that must be weighed by some enormous number of calculated steps.

    If you're correct, you have risk

    If you're wrong, you have risk

    The only winning move is not to play.

    --
    nosig today
  17. Re:DUHHHHH by frovingslosh · · Score: 2

    I was thinking exactly the opposite. You don't want to say who did it when it was the N.S.A.

    --
    I'm an American. I love this country and the freedoms that we used to have.
  18. Re:DUHHHHH by BitZtream · · Score: 2, Funny

    No, they don't, they just have a monopoly on getting caught often. We get caught less because we're better at it. It generally takes a traitor for us to get caught.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  19. Re:No one wins by CBravo · · Score: 2

    You have me completely surrounded with your infallable reasoning.... not.

    --
    nosig today
  20. Re:*sigh* Idiots! The net is so damn full of em... by Anonymous Coward · · Score: 2, Funny

    tl,dr? THEY CANT SAY BECAUSE, COPS ARE DOING COP STUFF.

    I don't see what shooting black people has to do with any of this.