US media outlets reported that top-secret information belonging to the NSA has been stolen by Russian hackers who exploited the Russian Kaspersky Lab software that was installed on an NSA employee’s private computer.
Russian Hackers stole highly confidential info Photo Credit: Moodboard/123RF/Channel 2 News
Russia has stolen highly confidential information from the US National Security Agency (NSA) by using Russian anti-virus software that was installed on a personal computer of an employee, according to reports in American media outlets.
A senior Washington official said that the data included information revealing the NSA’s strategies of hacking into various networks and systems for intelligence purposes. The employee who installed the software of the popular Kaspersky Lab company apparently did not attempt to deliberately leak the information and was not aware of the extent of the risk.
Investigators estimate that the employee brought back confidential information to his home so that he could write his resume and installed Kaspersky anti-virus software on the computer he was using. The software was then used as a vulnerability by Russian individuals or organizations that stole the confidential data.
The Washington official added that there is no reason for the general public to avoid using Kaspersky Lab products; however, a month ago, the FBI decided to ban the installation of the company’s software on federal computers due to fears of it possibly creating backdoors for Russian hackers. Efforts are now being made to discover how much information was leaked and who stole it.
Suspicions against Kaspersky Lab products aren’t a recent phenomenon in the US and have existed for years. Kaspersky Lab CEO Eugene Kaspersky graduated from the Technical Faculty of the KGB Higher School in 1987 and has previously served in the Russian intelligence service.
Five months ago, ransomware known as WannaCry was installed on millions of computers worldwide, encrypting data and demanding BitCoin payments as ransom. The NSA was accused of discovering the vulnerability that enabled the attack and failing to report it to Microsoft so that it could use it for its own exploits.