'Very High Level of Confidence' Russia Used Kaspersky Software For Devastating NSA Leaks (yahoo.com)
bricko shares a report from Yahoo Finance: Three months after U.S. officials asserted that Russian intelligence used popular antivirus company Kaspersky to steal U.S. classified information, there are indications that the alleged espionage is related to a public campaign of highly damaging NSA leaks by a mysterious group called the Shadow Brokers. In August 2016, the Shadow Brokers began leaking classified NSA exploit code that amounted to hacking manuals. In October 2017, U.S. officials told major U.S. newspapers that Russian intelligence leveraged software sold by Kaspersky to exfiltrate classified documents from certain computers. (Kaspersky software, like all antivirus software, requires access to everything stored on a computer so that it can scan for malicious software.) And last week the Wall Street Journal reported that U.S. investigators "now believe that those manuals [leaked by Shadow Brokers] may have been obtained using Kaspersky to scan computers on which they were stored." Members of the computer security industry agree with that suspicion. "I think there's a very high level of confidence that the Shadow Brokers dump was directly related to Kaspersky ... and it's very much attributable," David Kennedy, CEO of TrustedSec, told Yahoo Finance. "Unfortunately, we can only hear that from the intelligence side about how they got that information to see if it's legitimate."
Where is this evidence?
The first attack, on Aug. 24, involved an attack on an American company "evidently to obtain information on elections-related software and hardware solutions."
That attack was most likely successful. The report said the G.R.U. used data most likely obtained from it to conduct the second set of attacks, a "voter registration themed spear-phishing campaign targeting U.S. local government organizations."
Specifically, it said, in late October or early November, the G.R.U. sent to 122 local elections officials emails designed to look as if they were from that company and containing attachments designed to look like an updated system manual and checklist. Opening the attachment would download malicious software from a remote server, the report said.
The report masked the name of the software vendor, referring to it as "U.S. Company 1," in keeping with standard minimization rules for intelligence reports based on surveillance. However, the report contained references to an electronic voter identification system used by poll workers and sold by VR Systems, a Florida company.
VR Systems' website said its products were used by jurisdictions in California, Florida, Illinois, Indiana, New York, North Carolina, Virginia and West Virginia. In a statement, VR acknowledged that there had been a problem, while stressing that none of its products dealt with vote marking or tabulation. ...
Mr. Trump called for a crackdown in the context of leaks about what surveillance has shown about his own associates' contacts with Russian officials. The report Ms. Winner is accused of leaking, by contrast, focuses on pre-election hacking operations targeting voter registration databases and does not mention the Trump campaign.
Yes, he ran against Hillary.
And got 3 MILLION *fewer* votes.
And was publicly opposed by hundreds of prominent members of the GOP & the American Right, incl both Presidents Bush, 20 National Security directors, 16 former Defense Department officials, 40 senior State Department officials including Richard Armitage & William Howard Taft IV, great grandson of a Republican president and the only man to have been both POTUS & Chief Justice of the SCOTUS, 40 former Republican congressmen including Tom Petrie & Joe Scarborough, 30 *sitting* congressmen incl New York's Richard Hanna, 15 current & former US Senators incl Jeff Flake, Lisa Murkowski, John McCain, Lindsey Graham, Dean Heller and John Warner, over 20 current & former state governors incl Arnold Schwarzenegger & Mitt Romney, dozens of former cabinet officials incl Bob Gates, Colin Powell, Michael Chertoff, Condoleezza Rice and John Negroponte.
And the many many standard bearers of conservative news & media who broke with longstanding tradition to either endorse Clinton or openly denounce Trump, the very stable genius.
The fault lies with the contractor who stole classified information, took it home, and put it on a personal computer where he had Kaspersky installed. I have a very hard time believing such actions to NOT be deliberate with the intention that the programs be scanned by Kaspersky, and possibly specifically by Kaspersky. I'm not saying Nghia Hoang Pho, 67, was flipped in his Soviet client state homeland and sent to the US with specific pro-Russian instructions, but I mean, come on....
That is not evidence of Trump trying to shield Russia. That is evidence of Trump trying to enforce the nation's anti-espionage laws, although he still has a long way to go before he equals Obama's record for prosecuting alleged leakers.
Do you have video of Trump talking to Russia's president or prime minister, saying something like "after my election, I have more flexibility", and asking that the message be carried to Vladimir Putin? Did Trump's DOJ hide an investigation into Russian bribes and similar corruption among uranium dealers until after Trump's State Department approved the sale of something like 20% of America's uranium reserves to a Russian company?
If you substitute "Obama" for "Trump" in those questions, the answer to both is "yes".
But that's a narrative that you won't hear from Los Tiempos de Nuevo York.
The OS had changes made by the NSA malware. Every new AV product made with some level of skill should have detected the new, novel and unexpected changes to the OS. ....
Got a sample and reported back to their brand for that brand's experts to look over and warn the world about.
That's why every good AV brand builds behavioral analysis into their AV products.
Behavioral analysis is what finds the new problems in the wild and protects the global community from new issues deep in an OS, network.
Detecting new malware and protecting the world from new malware is not "espionage"
Domestic spying is now "Benign Information Gathering"