Agents tied to the Kremlin breached the home computer of a National Security Agency contractor that ran anti-virus software from Russian-owned Kaspersky Lab, pilfering details on how the U.S. penetrates networks and defends against cyberattacks, according to the Wall Street Journal.
The breach was first reported by the Wall Street Journal and is the latest cybersecurity incident involving government contractors to affect the NSA. Those reports do not contain any evidence that Kaspersky was complicit in the attack, and the company denies complicity.
The stolen documents provide details on how our government agencies get into "foreign computer networks" and how we defend ourselves "against cyberattacks".
Because the U.S. government banned Kaspersky products from federal computers in September, Kaspersky has repeatedly offered up the source code of its products for officials to review.
According to anonymous sources, malicious code let hackers steal classified code, documentation and other sensitive data.
Investigators are trying to determine whether Kaspersky's engineers designed the software to weed out such files, the newspaper noted. It also could give the Russians methods to infiltrate the networks of the U.S. and other nations, these people said.
Kaspersky's defense is roughly in line with the general consensus among nonaligned information security experts.
The security breach dates back to 2015, and it was made possible when a National Security Agency contractor copied sensitive files to his own computer.
The Department of Homeland Security and the Office of the Director of National Intelligence on Election Security have concluded that operatives from two Russian spy agencies infiltrated computers of the Democratic National Committee months before the U.S. national election and released hundreds of emails from party staffers.
Instead, what appears to have happened is that the AV software indicated the existence of the NSA secret data, which told the Russian hackers which computer to penetrate and where to look.
"The only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight", the statement said. "We make no apologies for being aggressive in the battle against cyberthreats". A bill funding the military that the Senate passed last month would ban use of Kaspersky software in the armed services.
That kind of data could give Moscow information on how to protect its own networks, along with methods to breach U.S. networks and those of other nations, the Journal reported. Kaspersky AV has been banned from use inside the NSA for years, but nothing prevents NSA contractors from installing it on their home computers.
The worker was employed at Tailored Access Operations, an elite unit of the NSA's hacking division that creates tools for penetrating computers in order to obtain foreign intelligence.