Center for Strategic Assessment and forecasts

Autonomous non-profit organization

Home / Defence and security / / Articles
Israel has been hacked "virus", and then notified the NSA about the invasion of its networks
Material posted: Publication date: 12-10-2017
2015 hackers from Israeli government departments saw something suspicious in computers the Moscow firm cyber security: it was hacking tools for hacking, which could be restricted to the national security Agency.

Israel notified the NSA, and its concerned employees immediately took up the search for unauthorized entry, as reported by informed sources. According to them, the result of the inspection revealed that the tools belonged to the Russian state.

Israeli intelligence officers found the hacker's content in the global anti-virus company "Kaspersky Lab", which attracted the attention of the United States. Washington suspect that Russia is using this company's products in his espionage activities.

Last month the Department of homeland security has ordered Federal civilian agencies to find software "Kaspersky Lab" on their networks and delete it on the grounds that "the Russian government, acting independently or in collusion with Kaspersky, could take advantage of that access, which provide products Kaspersky to to Federal information and hack the information system ensuring national security of the United States". Following this indication was followed by the decision of the General services Administration to remove "Kaspersky Lab" from the list of approved suppliers. And lawmakers on Capitol hill are thinking about how to establish a universal ban on these products.

The NSA declined to comment on the conclusions of Israel, which first reported the New York Times.

Kaspersky issued a statement which said: "As a private company, "Kaspersky Lab" does not support any reprehensible relations with any state, including with Russia. The only conclusion that can be drawn from all this is that the "Kaspersky Lab" was at the center of a geopolitical struggle."

The company's founder Eugene Kaspersky said last week in his blog that his antivirus program, designed to find malicious software all around the world.

"We are actively seeking and completely remove malicious programs, regardless of their source", he wrote, making the assumption that his antivirus software was able to take designed for hacking tools the NSA for such malware.

In 2015, the NSA conducted an investigation in trying to figure out how the Russians could get him the materials. Gradually it narrowed the scope of searches and came up with a member of his elite unit operational penetration into computer networks of the enemy, which employs hackers collecting intelligence about foreign targets. The officer used antivirus programs Kaspersky on your home computer.

Currently, this man, whose name was not disclosed, is under investigation, which conducts Federal prosecutors. He wasn't going to pass classified material to a foreign enemy. "No malice was not, said one familiar with this case source who agreed to speak on condition of anonymity. — He was just trying to complete the task, and for that, he would need appropriate tools".

Concern about the "Kaspersky Lab" has arisen in the field of cybersecurity, representatives of which noted that the software of this company were not only used for protecting client computers, but also as platforms for conducting espionage.

In recent years the company periodically used the standard methods of detecting computer viruses, which, along with that applied in the retrieval of information and data unrelated to software. This was reported by two representative areas of cyber security, asked not to name them, as it concerns classified information.

This tool is called the silent signature (signature tacit) and represents a line of digital code, which stealthily detects malware, but can also be used to search for key words and abbreviations for those computers that contain secret documents.

"Hidden search and detection is widely used in the field of cybersecurity to confirm the detection of malware and to minimize errors, the search — said in a statement. — It allows firms cybersecurity to offer customers the latest protection without constantly disturbing alerts that pop up at them on the screens."

"Kaspersky lab" is also the only major antivirus firm whose data is transmitted via Russian Internet service providers who are supervised by the Kremlin's intelligence services. This tracking system is called SORM (System for operative investigative activities).

The company claims that passing through Russian servers Kaspersky customer data is encoded and that it doesn't decrypt them for the government bodies.

Russian expert on surveillance and author of the book "the Red web" Andrei Soldatov said, "I have great skepticism relate to allegations that the state is not able to read the data of this company". According to him, "Kaspersky Lab", being a company dealing with encrypted information, must obtain permission from the all-powerful security service, the FSB, and this means that the company is "completely transparent" for this Department.

As of today, we do not know how is the Russian in 2015've got the tools of the NSA to crack. Some analysts in the sphere of information security are making assumptions about what Russian for theft of these materials took advantage of the flaw in Kaspersky.

But there are other experts who claim that the Russian General didn't have to hack system virus. According to them, this material could be obtained through the state system of recording information.

This firm is certainly something is required to the Kremlin, said Steven Hall (Steven Hall), and for 30 years carried out CIA operations in Russia. According to him, the scope of "Kaspersky Lab" is of particular interest to Russian President Vladimir Putin, and judging by the way things work in Russia, Eugene Kaspersky "knows he is at the mercy of Putin."

"Arguments against "Kaspersky Lab" is very convincing, says democratic Senator from new Hampshire Jeanne Shaheen (Jeanne Shaheen), who constantly criticizes virus and demands to remove his software from the Federal networks. — A strong link between the "Kaspersky Lab" and the Kremlin are cause for great concern".

The Federal government has increasingly expressed concern about the "Kaspersky Lab" and talks about its risk to the private sector. At least the last two years, the FBI notifies of a large company, including from the energy and financial sectors, what to use FOR virus risk. The Bureau at its briefings, tells of the dangers of espionage, sabotage, and attacks on supply channels that can be implemented with the use of this software. The Bureau also clarifies the essence of the law on supervision, which allows the Russian state to view the data flowing over networks in the country.

"The essence of the problem, said one businessman who attended the briefings. No matter works, "Kaspersky Lab" directly to the Russian government or not. Her Internet service providers in any case have been subject to surveillance. So literally everything that passes through the "Kaspersky Lab", could fall into the hands of the Russian state".

At the end of September, the national intelligence Council has prepared a secret report which concluded that the FSB could have access to the client database "virus" and the source code. Such access could give the Russian intelligence services the opportunity to carry out cyber attacks against the American government, as well as against commercial and industrial control networks.

In the preparation of this article participated Gillum Jack (Jack Gillum).

Ellen Nakashima


Tags: Russia , USA , Israel

RELATED MATERIALS: Defence and security
Возрастное ограничение