Report: NSA Secrets Stolen From Computer Using Kaspersky Software

Kaspersky Labs CEO Eugene Kaspersky characterizes the breach report as “a new conspiracy theory.”
CyberSecurity Law Introduction 网络安全法宣传视频系列
Agents tied to the Kremlin breached a home computer of a National Security Agency contractor that ran anti-virus software from Russian-owned Kaspersky Labs, pilfering details on how the U.S. penetrates networks and defends against cyberattacks, according to the Wall Street Journal. The contractor had removed the highly classified material and put it on his home computer, the newspaper reports.
See Also: How to Scale Your Vendor Risk Management Program
The hackers appear to have targeted the contractor after identifying the files on the home computer through the contractor’s use of Kaspersky security software, sources with knowledge of the matter told the newspaper.
The breach occurred in 2015 but wasn’t uncovered until this past spring, according to the news report, which added that the stolen data included specifics about how the NSA infiltrates foreign IT networks, the computer code it uses for such spying and how it defends networks inside the U.S.
Three weeks ago, the Trump administration ordered U.S. federal executive branch agencies to remove Kaspersky anti-virus software from their computers within 90 days (see Kaspersky Software Ordered Removed From US Gov’t Computers). At the time, the Department of Homeland Security issued a statement that said Kaspersky security products pose a risk to federal information systems because they provide broad access to files and elevated privileges on the computers where they’re installed that could be exploited by malicious cyber actors to compromise those IT systems. A bill funding the military that the Senate passed last month would ban use of Kaspersky software in the armed services.
Kaspersky Denies Report
In a statement to the Journal, Kaspersky Lab said it “has not been provided any information or evidence substantiating this alleged incident, and as a result, we must assume that this is another example of a false accusation.”
Company CEO Eugene Kaspersky characterized the Journal story as a “new conspiracy theory. … We make no apologies for being aggressive in the battle against cyberthreats.”

网络钓鱼仿冒对象日趋分散,钓鱼网站制作的低成本和钓鱼产业链的成熟,造成了钓鱼网站的分散化和热点轮动的特点,让钓鱼网站的处理难以集中化,给反钓鱼工作增加新难度。
New conspiracy theory, anon sources media story coming. Note we make no apologies for being aggressive in the battle against cyberthreats— Eugene Kaspersky (@e_kaspersky) October 5, 2017
Kaspersky has long maintained it does not do work for any government, including Russia’s (see Kaspersky Lab Debate: Put Up or Shut Up) .
‘Data Goes Back to Russia’
Earlier this week, speaking at a cybersecurity forum sponsored by the Washington Post, White House Cybersecurity Coordinator Rob Joyce hinted about how the Russian government could exploit Kaspersky software.
Joyce pointed out that anti-virus software runs at the very lowest level of the operating system. “It’s designed to scan every file on your computer,” he said. “It scans those files looking for things based on a series of commands that come from the company. That company is a Russian company. … That data comes off your machine and goes back to Russia; it’s vulnerable and available.”
Sen. Jeanne Shaheen, D-N.H., who has backed the U.S. government’s move to ban Kaspersky software from government computers, said in a tweet the administration should be more transparent regarding the ban: “This should serve as a stark warning. Trump admin should declassify info on Kaspersky Labs to raise awareness.”
This should serve as a stark warning to all. Trump admin should declassify info on Kaspersky Lab to raise awarenesshttps://t.co/fXMXS0Kdgy— Sen. Jeanne Shaheen (@SenatorShaheen) October 5, 2017
利用相关热点新闻事件的诈骗份子可会好好利用灾难时机,组织在这个时候要加强员工计算机安全意识的培训,不要点击那些猎奇的小道消息来源链接及附件。

猜您喜欢

一分钟的信息安全意识动画片,轻松演绎企业信息安全基础知识。
网络战争取胜关键在于普通网民
Security-Frontline-安全前线
大学生国庆跑步回家:70公里花9.5小时 回想略后怕
EGY-HOSPITALS TVOJTRENER
EHS员工代表必须深刻理解的专业领域基础知识内容