Kaspersky Lab software hacked by Russian spies

Israeli spies tell American spies that Russian spies are spying on them using Kaspersky software

Kaspersky Lab is on the edge of a vortex which is accelerating its speed and drawing the security software company closer to its centre every day.

Also swirling around in this vortex is the Russian government, the US government and now the Israeli government –not to mention the Germans, the British, and the Iranians, to name just a few.

Kaspersky’s latest journey into the unknown started earlier this year, when one of the company’s employees was arrested by Russian President Vladimir Putin for alleged “treason”.

Putin’s spymasters claimed the Kaspersky Lab employee was collaborating with two officers from the Russian Federal Security Service in a plot to aid the US.

US spies, meanwhile, have spent months and months claiming Russia and Putin hacked last year’s American presidential election in order to put their favoured candidate – Donald Trump – into the White House.

Now, it has emerged that Israeli spies have been telling US spies that Russian spies had hacked Kaspersky Lab software and were using it to spy on American government computers.

And how did the Israeli spies know this? Because they also hacked Kaspersky Lab software.

The possible consequences for the US include the prospect of Russian spies discovering American intelligence secrets and classified programs – all using Kaspersky software.

Acting Department of Homeland Security Secretary Elaine Duke said Kaspersky’s antivirus and other software “provide broad access to files” and “can be exploited by malicious cyber actors to compromise” US computer systems.

And Israel went further and clearly suggested that Kaspersky software was being directly used by the Russians to steal US secrets.

According to a report on the New York Times website, the Israelis even provided the US National Security Agency with “solid evidence of the Kremlin campaign in the form of screenshots and other documentation”.

So, the US authorities last month ordered the removal of Kaspersky software from government computers.

In a statement, the DHS said: “The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.”

Kaspersky Lab is one of the most well-known providers of computer security software. It’s a relatively large company, a multinational, with annual revenues exceeding $600 million and about 3,500 employees.

It’s been around for 20 years, since the early days of the worldwide web’s mass adoption, so it’s had the chance to observe the machinations of the cybersecurity world, and how online criminals behave, for a long time.

The company’s founder is understandably confident about Kaspersky’s mastery of the dark arts of cyberspace.

In comments last year, the company’s CEO, Eugene Kaspersky, said cybercriminals often communicate in languages that are not their first language.

This makes it difficult for investigators to identify who they are and where they come from.

The growing number of cyber attacks and sheer volume of ransomware and malware, in general, would suggest that the security services are somewhat overwhelmed.

Moreover, the cybercriminals have become adept at throwing their pursuers off the scent.

“It’s very hard to attribute who is really behind all these attacks,” said Kaspersky, adding, however, that, “It’s not our job to discover who is the criminal.”

He said: “In many cases, we can guess… because we can see their language. And according to our data, the most-spoken languages are native English, native Russian, and simplified Chinese.

“Who is the best or the worst? I don’t know because there are so many attacks coming from them through cyberspace.

“So the most-spoken languages are coming from these three.

“But at the same time, there is French, Spanish, Spanish as in Latin American, German, Italian, Arabic, Korean… no Japanese – I don’t remember any statements which were in Japanese.

“But at the same time it’s not just attribution (of language) because remember that there are many cases where there is definitely a state-sponsored attackers which speaks, or pretends to speak, native English.

“And then there is a typo, which native (English) speakers will never do.”

In a statement to TechCrunch , Kaspersky has denied that it has any backdoors in its software which allows spies to conduct their espionage activities.

“Kaspersky Lab has never helped, nor will help, for any government in the world with its cyber-espionage efforts, and contrary to erroneous reports, Kaspersky Lab software does not contain any undeclared capabilities such as backdoors as that would be illegal and unethical,” the company told TechCrunch.

“… For 20 years, Kaspersky Lab has been focused on protecting people and organizations from these cyber threats — its headquarters’ location doesn’t change that mission.”