Kaspersky has fallen foul of US lawmakers
According to the WSJ, Hackers working for the Russian government stole details of how the U.S. penetrates foreign computer networks and defends against cyberattacks after a National Security Agency contractor removed the highly classified material and put it on his home computer with Kaspersky antivirus installed, according to multiple people with knowledge of the matter.
The allegations, which have cropped up over the last several months, range from Kaspersky working with the Russian government to Kremlin spies hacking the antivirus software and using it without the company knowing.
A Bloomberg article in July said internal emails showed Kaspersky Lab was working closely with Russia’s FSB, the country’s equivalent to the FBI. This came a month after FBI agents visited Kaspersky employees in the US, questioning the company’s motives.
Kaspersky’s software had allegedly helped someone steal the NSA’s hacking tools in 2015 and provide them to Russian spies, the Wall Street Journal first reported.
But an internal investigation by Kaspersky Lab suggests that the NSA staffer would have been hacked regardless of what antivirus program was on the computer. That’s because malware had already slipped in.
According to the investigation, the company said, the NSA staffer downloaded pirated software onto his personal laptop, including an illegal Microsoft Office activation key generator, on Oct. 4, 2014.
“The malware dropped from the trojanized keygen was a full-blown backdoor which may have allowed third parties access to the user’s machine,” Kaspersky said in its report.
The NSA declined to comment for this story. The staffer had already broken procedure by bringing classified data onto his personal computer at home.
Kaspersky Lab said its antivirus technology would have been able to block the malware disguised as a key generator if the staffer hadn’t disabled the software to allow the download. After the staffer turned his antivirus back on, it spotted the hidden malware, along with a stash of the NSA’s hacking tools.
Kaspersky Lab has promised to work with independent companies to conduct audits on its product source code in the future in an effort to reestablish trust in the wake of alleged involvement in US government data theft.
The company issued a brief statement Monday, promising that by the first quarter of 2018, an “internationally recognized authority” will conduct independent source code reviews, as well as verify the “integrity of our solutions and processes.”