WASHINGTON ― Israeli intelligence officials found evidence of Russian hacking of U.S. government systems by infiltrating the network of Russian company Kaspersky Lab in 2014, the New York Times reports. As a result, the Department of Homeland Security ordered on Sept. 13 the cessation of Kaspersky product usage by federal agencies.
The New York Times further indicates that the FBI had long suspected that Kaspersky senior executives had been working to provide Russian intelligence “backdoor” access to U.S. computers.
Israeli intelligence had hacked into Kaspersky’s network and reported the discovered Russian intrusion to the U.S. government. Notable elements of the Russian infiltration included the theft of an NSA employee’s classified documents, which had been inappropriately housed within a home computer containing Kaspersky anti-virus software. Further stolen classified information has not been made available to the public.
Israeli hackers had seemingly planted various backdoors within Kaspersky’s systems, using them to steal passwords, screenshots, documents and emails from the company. Israeli intelligence subsequently reported to the NSA that Russian hackers were belligerently scanning for classified U.S. government programs, providing documents and screenshots as evidence.
The New York Times found that Kaspersky itself discovered said Israeli intrusion in mid-2015, when the company found a particular network breach to have similarities with the joint Israeli-American operation “Duqu.” The 2010 operation involved the usage of the cyber-weapon Stuxnet to infiltrate Iran’s Natanz nuclear facility and destroy a fifth of the country’s uranium centrifuges via malicious code.
Kaspersky deduced that its network breach was similar to “Duqu” as both instances used some of the same code and same algorithm. The company named the breach “Duqu 2.0” and indicated that its other victims had been Israeli targets. These included venues used by the United Nations Security Council to negotiate Iran nuclear terms, talks that Israel had been excluded from. Yet unlike “Duqu,” because of some of the targets being in the United States, Kaspersky believed that the breach was Israel’s alone and not another joint operation.
Kaspersky Lab is a globally renowned cybersecurity company, specifically noted for its expertise in creating anti-virus software. The company states that it has over 400 million users worldwide, with 60 percent of its revenue coming from U.S. and Western European citizenry. The U.S. federal government had previously warned the private sector to avoid using Kaspersky products due to suspicions of the company’s relationship with Russian intelligence. Nonetheless, 24 executive agencies, including the State Department and Department of Defense, were using Kaspersky anti-virus software prior to the discovered Russian hack.
For individuals to use Kaspersky Lab products, particularly anti-virus software, they must allow the company complete access to their hardware. Such a routine security software procedure could allow Russian intelligence the opportunity to effectively survey and take whatever piece of information they deemed pertinent.