Russian Hackers Exploited Kaspersky Antivirus To Steal NSA Data on US Cyber Defense: WSJ

An NSA contractor brought home highly classified documents that detailed how the U.S. penetrates foreign computer networks and defends against cyberattacks. The contractor used Kaspersky antivirus on his home computer, which hackers working for the Russian government exploited to steal the documents, the WSJ reported on Thursday (the link could be paywalled; alternative source), citing multiple people with knowledge of the matter. From the report: The hackers appear to have targeted the contractor after identifying the files through the contractor's use of a popular antivirus software made by Russia-based Kaspersky Lab, these people said. The theft, which hasn't been disclosed, is considered by experts to be one of the most significant security breaches in recent years. It offers a rare glimpse into how the intelligence community thinks Russian intelligence exploits a widely available commercial software product to spy on the U.S. The incident occurred in 2015 but wasn't discovered until spring of last year, said the people familiar with the matter. Having such information could give the Russian government information on how to protect its own networks, making it more difficult for the NSA to conduct its work. It also could give the Russians methods to infiltrate the networks of the U.S. and other nations, these people said. Ahead of the publication of WSJ report, Kaspersky founder Eugene Kaspersky tweeted, "New conspiracy theory, anon sources media story coming. Note we make no apologies for being aggressive in the battle against cyberthreats."

Re: Is it so easy to bring home classified stuff?

[nehumanuscrede]

Sadly, yes it is.

Many years ago when I was doing the Navy thing, I would find classified stuff just laying about, unsecured in staterooms.

( Security patrols in case you're wondering why I was even in Officer's Country )

The vast majority of it was documentation of various things found on a ship that was tossed onto a table or rack ( bed ) in a stateroom. Easy to spot due to the color of the cover sheets. ( blue, red, orange, etc )

Apparently the junior officers thought closing the door to their stateroom was enough to protect it. :|

I thought about hiding it from them just to watch the panic set in when they realized a Secret book was now missing, but it would have ended their careers, so I usually just educated them on it.

Stuff up to Secret levels only. Most TS+ and Crypto related stuff required 2-person control and they were much more protective of it.

Re:Idiot Contractor

Not quite: If you are the recipient of classified information, marked or unmarked, emailed to you, you have a responsibility to report it. Not doing so is a violation - probably not a jailable violation, but your next security briefing would be uncomfortable to say the least, and you probably would be denied anything above flat SECRET clearance in the future. Back in my classified days, I once received (from a government lab employee) a series of SECRET, oh, lets call them numbers. The guy obviously didn't mark them as such, and he even split them between two emails because he knew that the two emails together contained classified information, but separately they were unclassified. Fun fact: splitting a classified item between two emails specifically to avoid classification procedures is a no-no. I reported the incident. He was fired. My computer was seized off my desk for sanitation which took three days. The email server was scrubbed, but I reported it so quickly no backups were impacted, so that made scrubbing significantly easier.

Your next question would likely be: how do you know it's classified if it isn't marked? Answer: you make it your job to know. You work in the field, and you come to know what smells like a classified fact or figure. There are also security classified guides to help if you're not sure. And I admit, sure, one email, a hazy classified thing that you read quickly and slips by absolutely possible. But 100 emails (your number, I thought it was a little larger), that's willful disregard and negligence. If I had done it, probably not jail, but certainly no more clearances in my future.

I also seem to recall (too disinterested to look it up because this is all in the distant past), I believe what Comey said was not that what she did was not illegal, but that no one would prosecute her for it. Of course, not - she was Hillary Freaking Clinton, the likely next President of the US. That's like saying, hey, I'm pretty sure this is a loaded handgun I have here, but I can't seem to find anyone willing to put it against their temple and pull the trigger to test that theory.