The Wall Street Journal just published an incendiary article that says hackers working for the Russian government stole confidential material from an NSA contractor’s home computer. The hackers did so, according to the WSJ, after identifying files though the contractor’s use of antivirus software from Moscow-based Kaspersky Lab.
The report may well be true, but, for now, there’s no way to independently confirm it. The report is based on unnamed people the publication says had knowledge of the matter, and it provides no evidence to support its claim. What’s more, the lack of detail leaves open the possibility that, even if Kaspersky’s AV did help Russia home in on the highly sensitive code and documents, the disclosure was the inadvertent result of a software bug and that no one from Kaspersky Lab cooperated with the attackers in any way. Also lost in the focus on Kaspersky Lab is the startling revelation that yet another NSA insider managed to sneak classified material outside of the NSA’s network and put it on an unsecured computer. More of this analysis will follow.
First, here’s a summary of what the WSJ reported.
The unnamed contractor removed the material from the NSA and stored it on a home computer that ran a version of Kaspersky AV. The material, according to the unnamed sources, included “details about how the NSA penetrates foreign computer networks, the computer code it uses for such spying, and how it defends networks inside the US.” Sometime in 2015, the material was stolen by Russia-sponsored hackers who “appear to have targeted the contractor after identifying the files through the contractor’s use” of the Kaspersky AV. The breach was discovered in the first three months of 2016.
Submitted by: Arnfried Walbrecht