Russia-Based Kaspersky Labs Had Access To Stolen NSA Documents Leaked By Hackers
United States government officials claim Russian cybersecurity firm Kaspersky Lab obtained National Security Agency documents that were later published online by the anonymous hacking group the Shadow Brokers, according to the Wall Street Journal, though Kaspersky Lab desputes the report.
Investigators reportedly believe anti-virus software produced by Kaspersky Lab was used to identify and collect tools and manuals from the NSA. Kaspersky has come under fire recently for potential ties to the Russian government.
“While zero evidence has been presented regarding the unverified claims made by [the Wall Street Journal], Kaspersky Lab does not have inappropriate ties to the Russian government or any ties to the Shadow Brokers," a spokesperson for Kaspersky Lab told International Business Times.
“Regarding the archive mentioned in the Kaspersky Lab internal investigation, based on the malware detections inside the archive (detections that we still have as archived telemetry), but without having this archive to compare, these are different from the data leaked by the Shadow Brokers,” the spokesperson said.
Last year, the Russian cybersecurity firm was accused of being used as a tool of the Russian government to target and extract sensitive information pertaining to the NSA. The dispute stemmed around the 2015 theft of NSA documents that were reportedly stolen from a contractor’s personal computer.
Kaspersky originally denied the reports before admitting to accidentally accessing some code from the NSA in 2014 while investigating an Advanced Persistent Threat (APT) that turned out to have ties to the NSA itself. Again, the code originated from the computer of an NSA contractor.
The latest revelations regarding Kaspersky’s apparent role in accessing sensitive and classified information belonging to U.S. intelligence agencies appears to suggest the company either has ties with the Russian government or a connection with the hacking group known as the Shadow Brokers.
The Shadow Brokers are best known for publishing NSA exploits that have been used to carry out massive cyber attacks, including the WannaCry ransomware attack that infected more than one million computers worldwide last May and the NotPetya wiper attack that destroyed tens of thousands of computer systems—primarily ones located in Ukraine—last June.
While no direct link has been proven thus far, many have theorized that the Shadow Brokers have ties to the Russian government. Those connections, along with the apparent working theory that Kaspersky originally collected NSA documents that were later published by the hacking group, is sure to raise more questions about the security firm.
Kaspersky has held that it has deleted any NSA documents or code that it has come across and has not shared the information with any third parties. That seems to be called into question by U.S. officials, according to the Wall Street Journal report .
The Russian cybersecurity firm has already fallen out of favor in the U.S., both with the federal government and with some retailers. The U.S. Department of Homeland Security placed a ban on the use of Kaspersky software within the federal government in September, citing concerns about ties between the security firm and the Russian government.
Electronics retailer Best Buy also announced in September that it would no longer stock the consumer version of Kaspersky anti-virus software and pulled the firm’s products from its store shelves and online store.
© Copyright IBTimes 2024. All rights reserved.