Hackers under the supervision of the Russian government compromised National Security Agency data after identifying the files on a contractor’s personal computer through antivirus software, the Wall Street Journal reported Thursday.
The report says that the hackers stole details of how the U.S. government penetrates foreign computer networks and defends against cyberattacks. The security vulnerability came from an NSA contractor who reportedly removed the “highly classified material” from the network and put it onto his personal computer at home.
With the files on the contractor’s computer, the hackers reportedly identified the sensitive files through the computer’s use of Kaspersky Lab, a popular antivirus software based in Russia.
Kaspersky Lab software was once authorized for use in over 20 government agencies, including the Department of Homeland Security, Veterans Affairs, Department of Defense, the Army, Navy and Air Force.
Here’s what you need to know about Kaspersky Lab:
1. The Alleged NSA Data Theft Happened in 2015
According to the WSJ report, the theft of the data hasn’t been disclosed, but is “considered by experts to be one of the most significant security breaches in recent years.”
The alleged incident took place during 2015 but wasn’t discovered until springtime 2016. According to the report, the hacked NSA data provided details as to how the agency penetrates computer networks and also the computer code it uses to perform the spying. In addition, the files also reportedly contained information on how the U.S. defends its networks.
An NSA spokesperson told the WSJ: “Whether the information is credible or not, NSA’s policy is never to comment on affiliate or personnel matters.”
In response to the claims, Kaspersky Lab released a statement to the WSJ saying that it “has not been provided any information or evidence substantiating this alleged incident, and as a result, we must assume that this is another example of a false accusation.”
Hours before the story broke, Kaspersky Lab CEO Eugene Kaspersky tweeted that the WSJ was coming and vowed to “make no apologies for being aggressive in the battle against cyberthreats.”
2. The Company Was Founded in 1997 by Eugene Kaspersky, Whose Net Worth Is Over $1 Billion
The company was founded in Moscow in 1997 by Eugene Kaspersky, and the company is celebrating 20 years this year. To celebrate the anniversary, the company planned various events throughout the year.
Kaspersky is the CEO of the company, which has grown massively since its creation and now employs around 4,000 people.
Kaspersky is a Russian cybersecurity expert and a strong advocate for an international treaty prohibiting cyberwarfare. In October, Forbes wrote that Kaspersky has a net worth of $1.27 billion, ranking him No. 1,567 on the website’s list of global billionaires.
In 2010, the company expanded internationally and reported annual revenues of over $700 million in 2014. Currently, the software has about 400 million users and owns the largest market share of cybersecurity software in Europe. Globally, the software ranks fourth in terms of revenue for antivirus vendors.
3. The Company Has Been the Subject of Controversy This Year Because of Its Russian Ties
While Kaspersky is huge internationally, its market share in the U.S. has been hampered by its Russian ties, the International New York Times reported.
However, there’s been no concrete evidence that there are any back doors in its software or ties to the Russian government. But Eugene Kaspersky’s background in the Russian military and education has led to speculation he has ties to the foreign government. He’s refuted those claims numerous times.
The U.S. has had ties with Kaspersky Lab in the past, and it was on its list of approved vendors to do business with for years. But in July, amid the investigation into Russian tampering during the 2016 presidential election, the U.S. General Services Administration removed Kaspersky Lab from that list.
The removal came after a Bloomberg report said the company worked on “secret projects” with Russia’s Federal Security Service. Again, Kaspersky has denied those reports, saying he’s “never received a request from the Russian government or any affiliated organization to create or participate in any secret projects, including one for anti-DDoS protection.”
4. The Department of Homeland Security Banned Kaspersky Lab Software
On September 8, Best Buy pulled all Kaspersky Lab products off its shelves due to its possible ties with Russia. Five days later, the U.S. Department of Homeland Security issued an official order banning Kaspersky Lab products from being used within the federal government. Those who had computers with the Kaspersky Lab software already on them were told to “phase out” the use of the software within 90 days.
The DHS said in a statement: “The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks. The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.”
5. The Latest Incident Comes After the Arrest of an NSA Contractor
When NSA Director Adm. Michael Rogers started in his position in 2014, he promised to stop leaks similar to what former NSA contractor Edward Snowden did. Snowden provided classified documents to journalists and revealed surveillance programs were being run in the U.S.
The most recent incident involving Kaspersky comes after former NSA contractor Harold Martin was arrested and charged for removing large amounts of classified data from NSA headquarters and keeping it at his home, though investigators didn’t believe he shared the data.
Martin pleaded not guilty to the federal charges of stealing classified information, and his lawyer claims he took the information home only to “get better at his job.”
The identity of the contractor who was involved in the incident the WSJ reported on isn’t publicly known, and it hasn’t yet been disclosed whether he faces charges or was dismissed from his job.