Government Security United States

Security Firm Kaspersky, Which Has Been Accused by US of Working With Russian Spies, Helped Catch an Alleged NSA Data Thief

An anonymous reader shares a report: The 2016 arrest of a former National Security Agency contractor charged with a massive theft of classified data began with an unlikely source: a tip from a Russian cybersecurity firm that the U.S. government has called a threat to the country. Moscow-based Kaspersky Lab turned Harold T. Martin III in to the NSA after receiving strange Twitter messages in 2016 from an account linked to him, according to two people with knowledge of the investigation. They spoke with POLITICO on condition of anonymity because they're not authorized to discuss the case.

The company's role in exposing Martin is a remarkable twist in an increasingly bizarre case that is believed to be the largest breach of classified material in U.S. history. It indicates that the government's own internal monitoring systems and investigators had little to do with catching Martin, who prosecutors say took home an estimated 50 terabytes of data from the NSA and other government offices over a two-decade period, including some of the NSA's most sophisticated and sensitive hacking tools. The revelation also introduces an ironic turn in the negative narrative the U.S. government has woven about the Russian company in recent years.

  • Who? (Score:4, Insightful)

    by sexconker ( 1179573 ) on Wednesday January 09, 2019 @03:38PM (#57933174)

    Who actually believes the accusations against Kaspersky?

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      The accusation was that KAV could not be trusted because K was in Russia and it was feared the company was infiltrated. Eugene was not credibly personally accused at any point of any crimes or malfeasance. It was a possibility.

      Ultimately it appears agents of Russia used the product to find NSA tools by name-matching to known keywords, it wasn't breached so much as it was misused for that purpose. Every system has vulns. AV ops are no different.

      But it should be noted that Russian agents were involved in

    • Re: (Score:3, Insightful)

      Who actually believes the accusations against Kaspersky?

      I do. And only because... why wouldn't they? There's no reason I can conjure up that would plausibly explain how Kaspersky is not in bed with the FSB.

      To think they aren't is folly. We know the Russian government loves to play all sorts of under the table games with just about every other country on the earth. That they wouldn't leverage software publishers within their sphere against other countries is just naive. Of course they would. Wouldn't you?

      • by Shotgun ( 30919 )

        And I think there is a surprising amount of evidence to indicate that US "intelligence" agencies do the same with companies in our influence. This is sort of SOP at this point, is it not?

        • by PPH ( 736903 )

          And China with Huawei, ZTE, etc. It's pretty much SOP wherever you go. So just learn to live with it.

      • Re:Who? (Score:5, Insightful)

        by mattyj ( 18900 ) on Wednesday January 09, 2019 @05:08PM (#57933774)

        This is the worst reasoning. You sound like one of those "If you have nothing to hide, you have nothing to worry about" guys re: the Surveillance State.

        Kaspersky has had a stellar reputation in the community for two decades. They've consistently been one of the top cybersecurity researchers in the world.

        That being said, who knows, maybe Putin has an office at their HQ, but all this FUD without a shred of evidence whatsoever isn't helping anything.

        • by Anonymous Coward

          Kaspersky has had a stellar reputation in the community for two decades. They've consistently been one of the top cybersecurity researchers in the world.

          For years Kaspersky has "discovered" exploits they have created, used and sold to Putin. They "discover" these exploits and save us, only when they think their usefulness is no longer needed.

          • You made that up.
            This is classic FUD without a shred of proof or even evidence.
            If you read what the politicians said when calling for Kaspersky to be locked out, it was full of weasel-words like "could" but without anything concrete.

            The one case where something from the NSA is known to have landed in Russia was part of a known and documented feature - heuristic analysis of executables which can then (this is optional and can be turned off by the user) be sent back for deeper analysis. The software in quest

        • Kaspersky has had a stellar reputation in the community for two decades. They've consistently been one of the top cybersecurity researchers in the world.

          Their technical competence is not in question, their ability to resist the probable demands of the Russian security apparatus is. I don't mean to imply that this fact differentiates Russia from the USA in any fashion, but Russia is known to be a bit insistent about cooperation with the state.

          That being said, who knows, maybe Putin has an office at their HQ, but all this FUD without a shred of evidence whatsoever isn't helping anything.

          It would be foolish not to assume that they are compromised, much as major American companies have been compromised. I always pretty much assume that the US, Russia, and China are doing more or less the same stuff... on

          • by dcw3 ( 649211 )

            I always pretty much assume that the US, Russia, and China are doing more or less the same stuff

            In general, I agree with this. The only difference is that in the U.S. companies don't have to cooperate with the government. And it's much more difficult to do so because it would be easy for one person to spill the beans.

        • by T.E.D. ( 34228 )

          Kaspersky has had a stellar reputation in the community for two decades. They've consistently been one of the top cybersecurity researchers in the world. That being said, who knows, maybe Putin has an office at their HQ, but all this FUD without a shred of evidence whatsoever isn't helping anything.

          This is sort of missing the point. There is no real rule-of-law in Russia right now, so any company or person operating out of that country is completely at the mercy of the whims of Putin. Kaspersky could be the greatest defender of free-speech and computer security the world has ever known 99% of the time, but if the day comes (or has come) when Putin wants something out of a computer, and he wants Kaspersky's software to quietly do it, the guy has literally no recourse.

          • Kaspersky has had a stellar reputation in the community for two decades. They've consistently been one of the top cybersecurity researchers in the world.

            That being said, who knows, maybe Putin has an office at their HQ, but all this FUD without a shred of evidence whatsoever isn't helping anything.

            This is sort of missing the point. There is no real rule-of-law in Russia right now, so any company or person operating out of that country is completely at the mercy of the whims of Putin. Kaspersky could be the greatest defender of free-speech and computer security the world has ever known 99% of the time, but if the day comes (or has come) when Putin wants something out of a computer, and he wants Kaspersky's software to quietly do it, the guy has literally no recourse.

            This pretty much is my concern. Kaspersky could be fine and dandy today, and yesterday.. but tomorrow is always going to be a question mark, which is why I find them untrustworthy and lacking in integrity. Not because they're a bad company, or are out to steal stuff on behalf of the Russian government. It's that they can turn into that at any moment, and we'd never know the difference.

        • This is the worst reasoning. You sound like one of those "If you have nothing to hide, you have nothing to worry about" guys re: the Surveillance State.

          Possibly the worst reasoning, I'll yield that one. But doesn't change anything. It's realistic thinking. Given the history of the Russian government tendency to tinker with levers behind the scenes.

          Look, it's certainly possible Kaspersky is on the up and up, but this is the Russian government we're talking about. An abundance of caution and possibly even paranoia regarding Russian companies is most certainly wise and warranted. Regardless of Kaspersky's reputation, the government they operate under have

      • by AHuxley ( 892839 )
        AV software does its job and reports new malware efforts found in the wild.
        Lots of other AV software is strange in the way it finds nothing in the same way ...
        Why would the Russian gov show what it can do in real time?
        Why would any Western spy agency show it can spy on networks in Russia in real time to the media?

        Russia would never show what it can do.
        The West and NATO would never be allowed by the NSA/GCHQ to show that it can do in Russia.
        No nation talks to the media without full and early declassi
      • Re:Who? (Score:4, Insightful)

        by khchung ( 462899 ) on Wednesday January 09, 2019 @07:17PM (#57934416) Journal

        Who actually believes the accusations against Kaspersky?

        I do. And only because... why wouldn't they?

        Then use the same logic to believe that the US lied about Kaspersky, because... why wouldn't they?

        • by dcw3 ( 649211 )

          Not saying they didn't but it's a bit more difficult for the US to do so. If the lie gets leaked to the media or pretty much anyone not on the inside, the whole cover is blown. For the same reason most conspiracy theories are BS, this is also BS...you have too many people who know the facts, and it takes one person to blab if it's all a lie. The media (think Pentagon Papers) can get away with that in the US...try it in Russia or China.

    • In general if a country is known to be actively trying to hack and break into your country's sensitive systems. And said country has a proven policy of tight control between government and industry. It really wouldn't be a good idea, to use their system to protect yours.

      Can Kaspersky be honest and not send any data to its host government... Yes, it is possible. However, for the Russian Government, they are a key ready at their disposal if they ever feel they need them. Just like how the United States NSA

    • by dcw3 ( 649211 )

      I do, but as a Cold War vet, you'd probably think I'm biased.

    • by rtb61 ( 674572 )

      Technically they are a security threat in that the US government can not issue a binding security letter to force questionable activity, where all the others will roll right over, well roll you right over. It was inevitable the US government would ban them and likely will ban other companies they can not force security letters on.

  • by bogaboga ( 793279 ) on Wednesday January 09, 2019 @03:39PM (#57933178)

    Security Firm Kaspersky, Which Has Been Accused by US of Working With Russian Spies, Helped Catch an Alleged NSA Data Thief

    Security Firm Kaspersky, Which Has Been Accused by US of Working With Russian Spies with no evidence furnished thus far, Helped Catch an Alleged NSA Data Thief

    • by dohzer ( 867770 )

      Well they've given the US one thief, so I guess we can trust them completely from now on. Right?!

      • by dcw3 ( 649211 )

        Well they've given the US one thief, so I guess we can trust them completely from now on. Right?!

        Quite possibly a quid pro quo for some other action that was privately agreed to. Or, it would be a red herring to simply make them more legitimate looking. That thief might have already been compromised so why not give him up publicly.

  • by netringer ( 319831 ) <maaddr-slashdot@@@yahoo...com> on Wednesday January 09, 2019 @03:43PM (#57933210) Journal
    Kaspersky found who was behind the Twitter handle by using the highly specialized tool ...Google. He used the same HAL9999999 handle when posting to a dating site. Protip to eleeet spy teefs: Don't do stuff like that.
  • If a criminal turns in another criminal, it doesn't magically make the criminal not a criminal anymore.

    Same applies here to Kaspersky. In fact, I'd go as far to say, it's a PR stunt to try to regain favor, an attempt to convince others they're not in bed with the FSB. Not a chance. If anyone falls for this, you deserve Russian crafted malware.

  • by Gravis Zero ( 934156 ) on Wednesday January 09, 2019 @04:02PM (#57933378)

    Nobody has claimed Kaspersky was a willing or even witting participant in the event, only that they were a participant. As such, it's fully within the rights of the US government to deem their software on US government systems to be a threat and to advise employees to not use it.

    On the other hand, what better way to sow seeds of self-doubt than to sacrifice a pawn?

    There are a couple reasons to trust them but far more numerous and more compelling reasons to distrust them.

  • In all likelihood (Score:5, Interesting)

    by nehumanuscrede ( 624750 ) on Wednesday January 09, 2019 @05:00PM (#57933728)

    Kaspersky is probably the only company who refuses to look the other way at NSA / CIA born malware and viruses.

    If you don't play nice with the spooky types, they make life hell on you in return.

    • by dcw3 ( 649211 )

      Yeah, and how many "spooky types" have you actually known to do this? I've worked around three letter agencies for forty plus years, and never once seen that occur. Not saying it hasn't, but it would certainly be the exception.

  • Surely, stuff like this can't happen if we have backdoors only for the good guys!
  • This makes sense (Score:5, Interesting)

    by Miles_O'Toole ( 5152533 ) on Wednesday January 09, 2019 @07:41PM (#57934552)

    TFA says Kaspersky's tip led to the arrest in 2016 of a security contractor who stole massive amounts of data from the NSA. Their reward was that in 2017, Donald Trump signed legislation banning Kaspersky on government computers, and prohibiting government institutions from buying or installing it on "computers and other devices".

    It looks an awful lot like Kaspersky proved in 2016 they were not a tool of the Russian government. Their reward was that less than a year later, Putin reached out through his asset in the White House to punish them for failing to bend over and spread for him.

  • Boy do I feel awkward. I have been accessing the NSA data bases to do light credit checks of folks that use debit cards. I just thought it was ok, what with cell tower owners selling location data. So I just figure that any data collected is accessible.
