The report may well be true, but, for now, there's no way to independently confirm it. The report is based on unnamed people the publication says had knowledge of the matter, and it provides no evidence to support its claim. What's more, the lack of detail leaves open the possibility that, even if Kaspersky's AV did help Russia home in on the highly sensitive code and documents, the disclosure was the inadvertent result of a software bug, and no one from Kaspersky Lab cooperated with the attackers in any way. Also lost in the focus on Kaspersky Lab is the startling revelation that yet another NSA insider managed to sneak classified material outside of the NSA's network and put it on an unsecured computer. More of this analysis will follow.
First, here’s a rundown of what the News reported.
The unnamed architect removed the material from the NSA and saved it on a home computer that ran a variant of Kaspersky AV. The material, according to the unnamed sources, included “details about how the NSA filters foreign computer networks, the computer code it uses for before-mentioned spying, and how it maintains networks inside the US.” Sometime in 2015, the material was stolen by Russia-sponsored hackers who “seem to have targeted the contractor after recognizing the files through the contractor’s use” of the Kaspersky AV. The breach was detected in the first three months of 2016.
ConversionConversion EmoticonEmoticon