Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

Blacklisted Kaspersky Tipped NSA on Security Breach: Media

The computer security firm Kaspersky Lab helped the US NSA spy agency uncover one of its worst-ever security breaches — one year before the US banned the company’s products for government use, US media has reported.

The computer security firm Kaspersky Lab helped the US NSA spy agency uncover one of its worst-ever security breaches — one year before the US banned the company’s products for government use, US media has reported.

Politico and the Washington Post said the Moscow-based maker of anti-malware products told the National Security Agency that one of its contractors, Harold Martin, had contacted it via cryptic messages on Twitter.

The messages arrived at Kaspersky shortly before unknown hackers known as the “Shadow Brokers” made available on the internet an assembly of advanced hacking tools that the ultra-secret signals intelligence body used to spy on the communications and computers of foreign governments and officials.

After the Shadow Brokers release, Kaspersky researchers thought there was a connection with Martin’s messages and reached out with the information to the NSA.

Weeks later, in August 2016, federal agents arrested the contractor, Harold Martin, discovering that he had stockpiled in his home a massive amount of sensitive NSA data, computer code and programs — some 50 terabytes worth — over two decades.

It was considered the largest-ever breach of classified data in US history.

According to the reports, the Twitter messages were used to justify the warrant issued to investigators to search Martin’s home.

The Kaspersky assistance “indicates that the government’s own internal monitoring systems and investigators had little to do with catching Martin,” Politico wrote, citing two unnamed sources familiar with the Martin investigation.

Advertisement. Scroll to continue reading.

But within months, the NSA decided that Kaspersky itself could have been instrumental in another leak of its hacking tools, and in September 2017 officially banned the use of Kaspersky software from computers involved in any government operations.

US intelligence officials — including then-NSA chief Michael Rogers — suggested Kaspersky had intimate ties to Russian intelligence.

“The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security,” acting secretary of Homeland Security Elaine Duke said at the time.

Kaspersky strenuously denied the allegation. But it took a heavy toll on Kaspersky’s two-decade-old business that saw its anti-virus software installed on hundreds of millions of computers around the world.

Both the NSA and Kaspersky declined to comment, with the NSA citing the ongoing litigation regarding Martin.

Martin has been charged with theft of and illegal retention of classified data in his Maryland home.

But he has not been charged with leaking the materials to the Shadow Brokers or any others.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem