The Wall Street Journal has reported that Russian government-sponsored hackers have managed to steal extremely sensitive information about classified spying tools used by the United States’ National Security Agency (NSA). The information was hacked after an unnamed NSA contractor who is an expert at hacking computers and tracking communications, stored the classified information on his computer at home, which had Russian based security firm Kaspersky Lab’s anti-virus software installed.
It is yet unclear whether the NSA fired the contractor or not and if he will be prosecuted but it is believed that the agency is not accusing the contractor of intentionally cooperating with a foreign government. However, it is quite likely that the contractor will be facing prosecution since he has violated NSA rules by taking classified material home and storing it on his personal computer. Due to this, Russian hackers could identify the data and penetrate the computer as he was using Kaspersky Lab anti-virus. The contractor took the data home in 2015.
According to WSJ’s report, the material stolen by the Russian hacker group includes confidential details about the way the NSA performs eavesdropping after compromising foreign computer networks, the computer code used by the NSA and how it protects networks within the US.
This issue has brought to light the very reason behind US government’s recent crackdown on Kaspersky software. It must be noted that software from Kaspersky Lab has been banned from being used by US agencies.
It isn’t the first time that an NSA contractor has played a role in exposing the cyber-espionage tactics and tools used by the agency; previously three other NSA contractors namely Edward Snowden, Hal Martin and Reality Winner have exposed NSA secrets while the online entity Shadow Brokers not only stole NSA spying tools but also placed it for auction at dedicated platforms.
Nonetheless, the NSA has once again been embarrassed by exposing of its secret spying tools, and government officials in the US are irritated.
As per Republican senator in Nebraska Ben Sasse: “The men and women of the U.S. intelligence community are patriots, but the NSA needs to get its head out of the sand and solve its contractor problem. Russia is a clear adversary in cyberspace, and we can’t afford these self-inflicted injuries.”
Sen. Jeanne Shaheen, New Hampshire Democrat, is questioning the widespread use of Kaspersky products despite its banning in recent months: “This development should serve as a stark warning, not just to the federal government but to states, local governments, and the American public, of the serious dangers of using Kaspersky software. The strong ties between Kaspersky Lab and the Kremlin are extremely alarming.”
Kaspersky has, on the other hand, denied any links with the Russian government or its involvement in this hack attack and referred to it as a False Accusation. The company stated that it “has not provided any information or evidence substantiating this alleged incident, and as a result, we must assume that this is another example of a false accusation.”
Although there is no official statement from the NSA as yet intelligence officials assert that agencies in the USA have implemented extensively layered cyber-defenses which aren’t reliant upon a single system or tool. Therefore, exposures like these won’t affect the security measures of the NSA or its sibling agencies.
In their official statement, Eugene Kaspersky, Chairman, and CEO of Kaspersky Lab denied any involvement in the attack and urged investigating the issue. “Seriously: we’re very concerned about the possible breach of our products. If anon sources from WSJ article want to investigate let’s do it ASAP,” said Kaspersky in a Tweet.
OK, here is our official statement re the recent article in WSJ. pic.twitter.com/rdH6YcsZBZ
— Eugene Kaspersky (@e_kaspersky) October 5, 2017