Slashdot Mirror


Security Firm Kaspersky, Which Has Been Accused by US of Working With Russian Spies, Helped Catch an Alleged NSA Data Thief

An anonymous reader shares a report: The 2016 arrest of a former National Security Agency contractor charged with a massive theft of classified data began with an unlikely source: a tip from a Russian cybersecurity firm that the U.S. government has called a threat to the country. Moscow-based Kaspersky Lab turned Harold T. Martin III in to the NSA after receiving strange Twitter messages in 2016 from an account linked to him, according to two people with knowledge of the investigation. They spoke with POLITICO on condition of anonymity because they're not authorized to discuss the case.

The company's role in exposing Martin is a remarkable twist in an increasingly bizarre case that is believed to be the largest breach of classified material in U.S. history. It indicates that the government's own internal monitoring systems and investigators had little to do with catching Martin, who prosecutors say took home an estimated 50 terabytes of data from the NSA and other government offices over a two-decade period, including some of the NSA's most sophisticated and sensitive hacking tools. The revelation also introduces an ironic turn in the negative narrative the U.S. government has woven about the Russian company in recent years.


  1. Who? by sexconker · · Score: 3, Insightful

    Who actually believes the accusations against Kaspersky?

    1. Re:Who? by Anonymous Coward · · Score: 2, Interesting

      The accusation was that KAV could not be trusted because K was in Russia and it was feared the company was infiltrated. Eugene was not credibly personally accused at any point of any crimes or malfeasance. It was a possibility.

      Ultimately it appears agents of Russia used the product to find NSA tools by name-matching to known keywords, it wasn't breached so much as it was misused for that purpose. Every system has vulns. AV ops are no different.

      But it should be noted that Russian agents were involved in that, albeit not with Eugene's knowledge or aid. So any Trumptards proclaiming this is Russophobia are abject morons proven once more again.

    2. Re:Who? by duke_cheetah2003 · · Score: 3, Insightful

      Who actually believes the accusations against Kaspersky?

      I do. And only because... why wouldn't they? There's no reason I can conjure up that would plausibly explain how Kaspersky is not in bed with the FSB.

      To think they aren't is folly. We know the Russian government loves to play all sorts of under the table games with just about every other country on the earth. That they wouldn't leverage software publishers within their sphere against other countries is just naive. Of course they would. Wouldn't you?

    3. Re:Who? by Shotgun · · Score: 2

      And I think there is a surprising amount of evidence to indicate that US "intelligence" agencies do the same with companies in our influence. This is sort of SOP at this point, is it not?

      --
      Aah, change is good. -- Rafiki
      Yeah, but it ain't easy. -- Simba
    4. Re:Who? by PPH · · Score: 2

      And China with Huawei, ZTE, etc. It's pretty much SOP wherever you go. So just learn to live with it.

      --
      Have gnu, will travel.
    5. Re:Who? by jellomizer · · Score: 2

      In general, if a country is known to be actively trying to hack and break into your country's sensitive systems, and said country has a proven policy of tight control between government and industry, it really wouldn't be a good idea to use their system to protect yours.

      Can Kaspersky be honest and not send any data to its host government... Yes, it is possible. However, for the Russian Government, they are a key ready at their disposal if they ever feel they need them. Just like how the United States NSA went into the privately owned Telcos to get our telephone meta-data, without much resistance from them, because of "9/11" it would be just as easy for the Russian Government to get in and get the data.

      Kaspersky will need to do a lot to prove their trustworthiness to be on US government systems.

      I have no reason to not believe the accusations against Kaspersky. And for this story there really isn't a connection. Because it is very easy for a company to actually do its job, and report back to its customer.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    6. Re:Who? by mattyj · · Score: 5, Insightful

      This is the worst reasoning. You sound like one of those "If you have nothing to hide, you have nothing to worry about" guys re: the Surveillance State.

      Kaspersky has had a stellar reputation in the community for two decades. They've consistently been one of the top cybersecurity researchers in the world.

      That being said, who knows, maybe Putin has an office at their HQ, but all this FUD without a shred of evidence whatsoever isn't helping anything.

    7. Re:Who? by khchung · · Score: 3, Insightful

      Who actually believes the accusations against Kaspersky?

      I do. And only because... why wouldn't they?

      Then use the same logic to believe that the US lied about Kaspersky, because... why wouldn't they?

      --
      Oliver.
    8. Re:Who? by drinkypoo · · Score: 2

      Kaspersky has had a stellar reputation in the community for two decades. They've consistently been one of the top cybersecurity researchers in the world.

      Their technical competence is not in question, their ability to resist the probable demands of the Russian security apparatus is. I don't mean to imply that this fact differentiates Russia from the USA in any fashion, but Russia is known to be a bit insistent about cooperation with the state.

      That being said, who knows, maybe Putin has an office at their HQ, but all this FUD without a shred of evidence whatsoever isn't helping anything.

      It would be foolish not to assume that they are compromised, much as major American companies have been compromised. I always pretty much assume that the US, Russia, and China are doing more or less the same stuff... only in differing proportions. And probably more than a handful of others as well, but I don't want to go too far off track. Those, at least, are actors known to behave in such a fashion. Anyone who can afford to engage in espionage does so.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  2. A more accurate headline should have read as... by bogaboga · · Score: 5, Insightful

    Security Firm Kaspersky, Which Has Been Accused by US of Working With Russian Spies, Helped Catch an Alleged NSA Data Thief

    Security Firm Kaspersky, Which Has Been Accused by US of Working With Russian Spies with no evidence furnished thus far, Helped Catch an Alleged NSA Data Thief

    1. Re:A more accurate headline should have read as... by mattyj · · Score: 4, Interesting

      Kaspersky Lab is incorporated in the UK, by the way, only HQ'd in Moscow, so the company as a whole can't really be taken over by the Russian government. My guess is that a 20 year old cybersecurity company HQ'd in Russia has the good sense to have their digital assets stored/cloned outside the reach of the government.

      It's pretty standard for a cybersecurity outfit to employ former government agents. You know, like all the American ones that have former NSA spooks on the payroll. Standard operating procedure because that's where the best people come from.

      Maybe it's all just a front, but I'm not believing it. Kaspersky Labs has had a pretty stellar reputation for a very long time now.

  3. He wasn't a rocket surgeon by netringer · · Score: 3, Funny

    Kaspersky found who was behind the Twitter handle by using the highly specialized tool ...Google. He used the same HAL9999999 handle when posting to a dating site. Protip to eleeet spy teefs: Don't do stuff like that.

    --
    Ever dream you could fly? Get up from the Flight Sim. I Fly
  4. Nobody said they were willing participants. by Gravis Zero · · Score: 2, Insightful

    Nobody has claimed Kaspersky was a willing or even witting participant in the event, only that they were a participant. As such, it's fully within the rights of the US government to deem their software on US government systems to be a threat and to advise employees to not use it.

    On the other hand, what better way to sow seeds of self-doubt than to sacrifice a pawn?

    There are a couple reasons to trust them but far more numerous and more compelling reasons to distrust them.

    --
    Anons need not reply. Questions end with a question mark.
  5. In all likelihood by nehumanuscrede · · Score: 5, Interesting

    Kaspersky is probably the only company who refuses to look the other way at NSA / CIA born malware and viruses.

    If you don't play nice with the spooky types, they make life hell on you in return.

  6. This makes sense by Miles_O'Toole · · Score: 4, Interesting

    TFA says Kaspersky's tip led to the arrest in 2016 of a security contractor who stole massive amounts of data from the NSA. Their reward was that in 2017, Donald Trump signed legislation banning Kaspersky on government computers, and prohibiting government institutions from buying or installing it on "computers and other devices".

    It looks an awful lot like Kaspersky proved in 2016 they were not a tool of the Russian government. Their reward was that less than a year later, Putin reached out through his asset in the White House to punish them for failing to bend over and spread for him.

    --
    Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.