


Israel hacked Kaspersky, caught Russia using the software to hack U.S.

News Analysis
Oct 11, 2017 · 3 mins

Israel hacked Kaspersky and caught Russia using Kaspersky software to search for and steal U.S. government classified programs.

Instead of promoting goodwill relations with Israel, U.S. intelligence threw Israeli intelligence under the bus when explaining how Israel hacked Kaspersky and caught Russia using Kaspersky to search for NSA exploits and other U.S. government classified programs.

The New York Times reported, “It was a case of spies watching spies watching spies: Israeli intelligence officers looked on in real time as Russian government hackers searched computers around the world for the code names of American intelligence programs.”

Israel told its U.S. buddy about the spying and reportedly provided proof in the form of screenshots and documentation, which it had access to because it had burrowed deep into Kaspersky’s network. This is according to unnamed government officials who spoke on the condition of anonymity due to classification rules.

“The role of Israeli intelligence in uncovering that breach and the Russian hackers’ use of Kaspersky software in the broader search for American secrets have not previously been disclosed,” explained The New York Times.

Israeli intelligence hacked Kaspersky for its own spying purposes in 2014. They told the NSA after watching in real time as Kremlin hackers “aggressively” scanned “for American government classified programs” and pulled “any findings back to Russian intelligence systems.”

The Russian spies were reportedly using Kaspersky Lab’s software as “a sort of Google search for sensitive information.”

The New York Times didn’t specify exactly what secret American data the Russians stole, but it did mention that the Russians made off with classified NSA documents that had been improperly stored on the home computer of an NSA employee. Also, the Washington Post mentioned that in the 2015 case, the NSA Tailored Access Operations (TAO) employee had been using Kaspersky antivirus on his home computer. Maybe it was documents, but it seems more likely anyone from the TAO division would be using NSA hacking tools.

2015 was the same year that Kaspersky Lab reported a cyber intrusion in its internal systems. The company dubbed the attack Duqu 2.0.

All of this newly revealed hacking and spying occurred over two years, but it wasn’t until last month that the Department of Homeland Security ordered federal agencies to kick Kaspersky products to the curb.

Kaspersky denies involvement in cyber espionage

After The New York Times story broke, Eugene Kaspersky, founder of Kaspersky Lab, denied involvement and asked U.S. law enforcement to share relevant facts for an internal investigation.

When news broke in 2013 that the NSA was using its PRISM program to tap user data of Google, Microsoft, Apple and Facebook, those companies hotly denied involvement or knowledge of the NSA’s surveillance. The companies pushed back for months, denying that they had given the NSA direct backdoor access, in hopes of stopping customers from jumping ship to do business with other companies not based in the U.S.

If the unnamed intelligence officials told The New York Times the truth, then isn’t it possible Kaspersky Lab was used by its government in much the same way that U.S. companies were used for spying purposes by their own government?


Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.