Slashdot Mirror


Russian Hackers Exploited Kaspersky Antivirus To Steal NSA Data on US Cyber Defense: WSJ (wsj.com)

An NSA contractor brought home highly classified documents that detailed how the U.S. penetrates foreign computer networks and defends against cyberattacks. The contractor used Kaspersky antivirus on his home computer, which hackers working for the Russian government exploited to steal the documents, the WSJ reported on Thursday (the link could be paywalled; alternative source), citing multiple people with knowledge of the matter.

From the report: The hackers appear to have targeted the contractor after identifying the files through the contractor's use of a popular antivirus software made by Russia-based Kaspersky Lab, these people said. The theft, which hasn't been disclosed, is considered by experts to be one of the most significant security breaches in recent years. It offers a rare glimpse into how the intelligence community thinks Russian intelligence exploits a widely available commercial software product to spy on the U.S. The incident occurred in 2015 but wasn't discovered until spring of last year, said the people familiar with the matter. Having such information could give the Russian government information on how to protect its own networks, making it more difficult for the NSA to conduct its work. It also could give the Russians methods to infiltrate the networks of the U.S. and other nations, these people said.

Ahead of the publication of the WSJ report, Kaspersky founder Eugene Kaspersky tweeted, "New conspiracy theory, anon sources media story coming. Note we make no apologies for being aggressive in the battle against cyberthreats."

2 of 223 comments

  1. Re:Idiot Contractor by Anonymous Coward · Score: 5, Informative

    Do you have a copy of the terms of the contract that dictates what the contractor is and is not allowed to do? Can you provide information on relevant law governing information access? Can you cite what level of clearances are involved?

    From TFA:

    "An NSA contractor brought home highly classified documents that detailed how the U.S. penetrates foreign computer networks and defends against cyberattacks. The contractor used Kaspersky antivirus on his home computer..."

    As you can see in the above text, I've highlighted the areas that might help pull your head out of your ass.

    "Home" computers are not something that is authorized for storing or transmitting highly classified information. Not to mention "home" building codes lacking SCIF-level TEMPEST protections. Regardless of my lack of access to specific contractual details, I'd say there's about a 0.0000001% chance that this bullshit was authorized in any way.

  2. Re:Idiot Contractor by Anonymous Coward · Score: 0, Informative

    Challenge accepted.

    18 U.S. Code 798 - Disclosure of classified information

    "Whoever knowingly and willfully communicates, furnishes, transmits, or otherwise makes available to an unauthorized person, or publishes, or uses in any manner prejudicial to the safety or interest of the United States or for the benefit of any foreign government to the detriment of the United States any classified information..."

    [Emphasis mine]