Russian Hackers Stole NSA Data on U.S. Cyber Defense

"Russian Hackers Stole NSA Data on U.S. Cyber Defense

The breach, considered the most serious in years, could enable Russia to evade NSA surveillance and more easily infiltrate U.S. networks...

Hackers working for the Russian government stole details of how the U.S. penetrates foreign computer networks and defends against cyberattacks after a National Security Agency contractor removed the highly classified material and put it on his home computer, according to multiple people with knowledge of the matter.

The hackers appear to have targeted the contractor after identifying the files through the contractor's use of the use of a popular anti-virus software made by Russia-based Kaspersky Lab, these people said..."

https://www.wsj.com/articles/russian-hackers-stole-nsa-data-on-u-s-cyber-defense-1507222108

[Full Story requires subscription (that I don't have).]

 

More:

"...'The theft is considered by experts to be one of the most significant security breaches in recent years. It offers a glimpse into how the intelligence community thinks Russian intelligence exploits a widely available commercial software product to spy on the U.S. The incident occurred in 2015 but wasn’t discovered until spring of last year, said the people familiar with the matter.' ”

https://politicalwire.com/2017/10/05/russian-hackers-stole-nsa-data-u-s-cyber-defense/ (apparently quoting further from the WSJ subscription only portion)

 

"...The software [Kaspersky] is believed to have tipped off the Russia-hired hackers that files from the NSA were put onto the computer, the Wall Street Journal reported. Once they got that warning signal, the hackers purged the computer for the key NSA spy tools.

Investigators are looking to figure out if Kaspersky’s engineers designed it to weed out such files, the newspaper noted.
Russian hackers targeted vote software company, officials: report

Kaspersky told the Journal in a statement that it 'has not been provided any information or evidence substantiating this alleged incident, and as a result, we must assume that this is another example of a false accusation.'..."

http://www.nydailynews.com/news/nat...nt-nsa-spying-defense-tools-article-1.3543436

 

Wow, this is some serious stuff. I wouldn't be surprised if it's true, but perhaps these hackers simply exploited a bug in Kaspersky? We all know that AV software is vulnerable to certain attacks. But anyway, I don't trust AV software in general anymore, they have full access to all files and there's no easy way to monitor which data they are collecting and which data is being ex-filtrated.

 

"NSA contractors back in spotlight after reported Russian theft...

...If the contractor’s files contained code that matched known NSA malware, Kaspersky’s software could have detected it and flagged it as an infection for Kaspersky researchers.

'Someone in Kaspersky headquarters would have begun reviewing that system in more depth,' Blake Darché, a former hacker for the NSA, told POLITICO. While inspecting the contractor’s computer, 'they may have found a folder containing' the NSA files, 'and then that folder may have been sucked up for collection as well.'

'Kaspersky is known to use their technology in this way,' said Darché, who is now the chief security officer at cyber defense firm Area 1 Security.
Kaspersky’s chief executive officer hinted that this was how the incident may have begun. 'We make no apologies for being aggressive in the battle against cyber threats,' Eugene Kaspersky tweeted.

If the Kremlin had access to Kaspersky’s data, it would have seen this happen and could have tasked its spies with retrieving the files. But there is no indication that Kaspersky knowingly alerted the Russian government to the files or helped it..."

http://www.politico.com/story/2017/10/05/nsa-contractors-russia-hackers-surveillance-tools-243509

 

"Russian hackers reportedly stole NSA information on how the US defends itself from cyberattacks...

[More Re: Kasperky's statement]

'We make no apologies for being aggressive in the battle against malware and cybercriminals,' the company said. 'The company actively detects and mitigates malware infections, regardless of the source, and we have been proudly doing so for 20 years, which has led to continuous top ratings in independent malware detection tests. It's also important to note that Kaspersky Lab products adhere to the cybersecurity industry's strict standards and have similar levels of access and privileges to the systems they protect as any other popular security vendor in the US and around the world.'..."

http://www.businessinsider.com/russia-hackers-nsa-kaspersky-2017-10

 

https://www.nbcnews.com/news/invest...rsky-software-n808101?cid=public-rss_20171005

Another reason not to use Kaspersky.

 

Come on now that's silly, it's only a bug if it's American software, if it's Kasperskey, it's collusion.

 

Fake news.

 

Look at the following - it appears it is not just the Russians that hack. Maybe the US should outsource its Cyber Security to Moscow since taking all source evidence into account suggests that they may be better at it. (Only joking about the outsourcing but not joking about them being better at it)
http://www.disclose.tv/news/nsa_whi...ce_not_russia_responsible_for_dnc_hack/136199

 

FWIW: IIRC Binney has never claimed that The NSA was responsible for that particular hack. I do know that Binney, jointly with members of Ray McGovern's Intelligence Professionals for Sanity, has vigorously claimed that there was never a hack at all, but rather that the well known, now notorious emails were leaked by an insider.

Thinking that the linked source is not necessarily a reliable source of information. Purusing today's listing of "Latest News" on that website one sees the following Headlined Stories:"The Ancient Tomb Of Santa Claus May Have Been Discovered In Turkey;" "Lost Biblical Artifact 'Engraved By God' Discovered After 500 Years;" "Man Claims To Be From The Year 2048 Warns Of An Alien Invasion;" "NASA-Funded Experiment Led To Intercourse Between A Woman And A Dolphin;" "Female Poltergeist Caught Haunting West Yorkshire Pub!"

http://www.disclose.tv/blogs/page/1/all/filter/

Just sayin'

 

Sure the site has a lot of what most would call humorous nonsense but all source information seems to suggest that the Russians are not the only ones that hack, and indeed it is sometimes easy to blame them for hacking even on occasions when they have not. Ed Snowden upset a lot of people with his revelations about the NSA
.

 

Agreed, but just to set the record straight on what Binney has claimed about the alleged "hack" of the emails, the linked story claiming that Binney has said that the NSA hacked the emails is BS.

This is what Binney has in fact said about the subject:

https://www.thenation.com/article/a-new-report-raises-big-questions-about-last-years-dnc-hack/

 

Well, you know, the man from 2048 could be right, I mean after all, he would be the one to know...

 

From the WSJ article:
"Experts said the software, searching for mailicious code, may have found samples of it in the data the contractor removed from the NSA."
Looks like Kaspersky AV just worked properly. Contractor takes home govt malware, puts it on his personal PC with Kaspersky AV, Kaspersky finds the files suspicious and uploads them to KSN.

 

starting to feel like we're on /r/conspiracy with these articles. "could be", "maybe", "possibly"
yea i love speculations by the US government trying to wash their hands from an incompetent employee.

 

Full Kaspersky Response:

"We aggressively protect our users and we’re proud of it...

While protecting our customers, we do – as any other cybersecurity vendors – check the health of a computer. It works like an X-ray: the security solution can see almost everything in order to identify problems, but it cannot attribute what it sees to a particular user...

In the wake of this latest article I want to emphasize the following: if our technologies detect anything suspicious and this object is identified as malware, in a matter of minutes all our customers – no matter who or where they are – receive protection from the threat...

The new allegations look to me like this: someone just took this process of how we deal with a threat, added some fictional details, and here we go – the new C-movie script is ready...."

Full Detailed Response is here:

https://eugene.kaspersky.com/2017/10/05/we-aggressively-protect-our-users-and-were-proud-of-it/

 

"In the end, I can’t shake off a disturbing thought: no matter how great security technologies and measures are, the security of millions can be easily compromised by the oldest threat actor there is – a $5 USB stick and a misguided employee."

 

With all of these "news stories" about Kaspersky I was hoping to find a better deal on a cheap license but no such luck at the moment.

 

Not disturbing at all. It was destined to happen as we see now and on dang near every machine.

Common sense (if they ever had any) clearly indicates that a USB plugged in a PC can easily siphon out files etc. and is been that way for many years. Windows 98 virus heads drew up a ton of such playtoys many of which were improved obviously to make more compatible and bypass security protocols.

And is why I continue to be a proponent for rewriting the entire base source code. The alternative is only more of the same old and we all know it.

If anyone done any research for security sakes at all then you might remember the SwitchBlade-Amish etc and a whole bunch more treats devised up just for sucking out files as well as planting timer files to do the job for them etc.

Freaking windows is been an advanced copy machine at it's roots while windows upgrades continued to pile more travel lanes into it for hackers to tap.

 

'Russian hackers" not a shred of evidence. Move-on getting very old.

 

They were Mr Kaspersky's words, not mine.

 

It's all over the major and cable news networks. I would say Kaspersky is pretty much "dead meat" as far as the U.S. market goes.

 

You left out:......then Kaspersky makes the information available to hackers working for the Russian government.

Cant be any clearer.

Bo

 

antivirus is the most instrusive piece of software to be installed on anyone computer.
next is firewall with antivirus bundle