CybersecurityU.S. bans Russian anti-virus software after Israel warns about hacking

Published 13 October 2017

The U.S. government recently prohibited federal agencies from using the products of the Russian cybersecurity firm Kaspersky Lab. Kaspersky’s anti-virus software is used by 400 million people globally – and the off-the-shelf software was installed on many U.S. government systems. Israeli intelligence officials warned their U.S. counterparts that Russian government hackers had morphed Kaspersky’s anti-virus software into a search engine for sensitive information. The classified data was then extracted back to Russian intelligence systems. Kaspersky’s denials notwithstanding, cyber experts say it is not technically possible that Kaspersky Lab’s officials were ignorant of the Russian government’s use of the company product.

Israeli intelligence officials warned the United States about Russian hackers breaking into their information security, using Kaspersky Lab antivirus software.

The U.S. government recently prohibited federal agencies from using the company’s products, a software used by 400 million people globally, after it emerged that Russian operators had morphed the program into a search engine for sensitive information, theNew York Times reported on Tuesday. The classified data was then extracted back to Russian intelligence systems.

The Israeli officials who had hacked into Kaspersky’s network over two years ago became suspicious, after discovering evidence that Russian hackers were accessing classified U.S. programs through the computers of Kaspersky Lab, a Moscow-based cybersecurity firm.

Israel then warned their U.S. counterparts of the Russian intrusion and alarmed officials immediately began a hunt for the breach. That led to a decision in Washington to order Kaspersky software being removed from government computers for facilitating Russian espionage.

The New York Times reported that the Russian operation, according to sources familiar with the breach, is known to have stolen classified documents from the home computer of an National Security Agency contractor, which had Kaspersky antivirus software installed on it.

Kaspersky Lab denied accusations that it had been involved in the hacking. “Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage efforts,” the company said in a statement. Kaspersky Lab added that it “respectfully requests any relevant, verifiable information that would enable the company to begin an investigation at the earliest opportunity.”

It isn’t clear if employees at Kaspersky were involved in the hacking, or if Russian intelligence agencies exploited the company’s anti-virus software to gain access to U.S. government systems.

The New York Times said that the N.S.A. and the White House declined to comment, as did the Israeli Embassy, while the Russian Embassy did not respond to requests for comment.

This is not the first time that Israel assisted Western countries in defending against global cyberattacks. In November 2015, an Iranian hacking group believed to be affiliated with Iran’s Islamic Revolutionary Guard Corps was crippled by raids carried out by police across Europe after an Israeli-American cybersecurity firm informed them about the group’s activities.

This article is published courtesy of The Tower