Russian government hackers exploited antivirus software to steal U.S. cyber capabilities

I think that it is unlikely that Kaspersky has been able to elude the pressure from Putin and his friends given that their software is well entrenched in the US.

There's so little upside though. You do it once, and you're forever burned. Among actual security professionals, Kaspersky has a pretty good reputation - I'd ballpark their resistance to political pressure as better than most American firms' resistance to NSA/FBI/etc. pressure.

As far as I can tell, the worst-looking actors in this story are the Israelis, for hacking a private company, and the NSA employee who brought his tools home, if that wasn't a fabrication.
 
There have been questions about the actual security of Kaspersky for a while. You'd think that after the massive Russian intelligence campaign to flip our election was successful that our security forces would wise up. We were wrong. Jesus H Spacegod, when will this merry-go-round of endless Russian interference end? When will our government actually fight this attack on our democracy?

Out of vanity and capitalist greed you have shown Vlad the power of internet. Now humanity must pay the price!!!
 
To summarize for people who didn't bother to read the whole article - Kaspersky offers to perform an external audit of their products.
And challenges everybody to provide technical information about "spying" functionality in their antivirus - version of the product, module, code address, etc.
Because nobody has done it so far. All accusations are based on "evidences" like their office is located 10 miles from the Kremlin and similar.
 
To summarize for people who didn't bother to read the whole article - Kaspersky offers to perform an external audit of their products.
And challenges everybody to provide technical information about "spying" functionality in their antivirus - version of the product, module, code address, etc.
Because nobody has done it so far. All accusations are based on "evidences" like their office is located 10 miles from the Kremlin and similar.

While hacking via weakness in anti virus software has happened before, in this case South Korea
The fact that the Russian government used a Russian-based antivirus sure is convenient. Suspicions have fallen from the founder of Kaspersky to his employees.

Perhaps it is time for Kaspersky to move to Germany like Vkontakte, who was pressured by Putin and the Russian government and had to flee to the West. Not suspicious at all.
 
While hacking via weakness in anti virus software has happened before, in this case South Korea
Sure.
What Kaspersky said is that you are welcome to send auditors, examine the source code and demonstrate a weakness or backdoor in their software.
Or shut up, if you are unable to find any.
 
From Russia. Yes. There is no need to make it easier for Russian spies. They have already proven they will abuse this so now they get to lose this toy. Next time pretend to be responsible and maybe this won't happen but as it is it is a clear and present danger so it goes.
 
From Russia. Yes. There is no need to make it easier for Russian spies. They have already proven they will abuse this so now they get to lose this toy. Next time pretend to be responsible and maybe this won't happen but as it is it is a clear and present danger so it goes.
The article you've cited says that there is no evidence for active collusion between Kaspersky and Russia, but instead says that there is a general threat from antivirus programs (well, duh). How would banning products from Russia change anything about this?

And are you talking about an actual ban for everybody, or are you talking about government agencies?
 
From Russia. Yes. There is no need to make it easier for Russian spies. They have already proven they will abuse this so now they get to lose this toy. Next time pretend to be responsible and maybe this won't happen but as it is it is a clear and present danger so it goes.

Probably outlaw American AV software too, no need to make it easier for American spies.
 
Maybe US officials should just go back to using Pen and Paper? Seems to be the best option for cyber security.
 
All the experts agree anti-virus software gets deep root access and has been used a number of times by the Russian government to hack sensitive information.
The article you quoted confirms only the first part of your statement.
Nice try, though. Almost textbook manipulation.
If the first part is true, it makes complete sense to presume that Russian intelligence would wish to exploit this.
 
If the first part is true, it makes complete sense to presume that Russian intelligence would wish to exploit this.
As well as US, Israeli or Estonian intelligence.
You can presume anything, but to conclude that it was actually used by the Russian government to hack anything, you need to show evidence of a backdoor in their software.
Which would not be so difficult to find, since the head of the company offers to do an audit of their products.
 
If one was worried about Israeli government being interested in their hidden data, it would be eminently sensible to avoid IT-security products from Israel.

Well, I am no IT-expert, but read the explanation given by the company you yourself provided:
Yes, our products have the rights to deeply scan the system and files (as well as all the software category "utilities"). Yes, we check files for malicious code. Yes, we specifically monitor and calculate the suspicious behavior of unknown objects in the system - and, in full accordance with the declared functionality, we transfer them to the cloud for further analysis (and only if the corresponding option is included - by the way, almost all existing antiviruses do this).

So, transferring files from your computer to the cloud is part of the declared functionality. There is no need for any "independent auditor" to look for a "back door".
It follows you simply have to trust the company regarding what kind of analysis happens to them once they are in the cloud, who is given access to them once they are there and what is done with the results of this analysis.

If you are afraid your priest may not keep your confessional secrets, his offer to search the confession chair for hidden bugs cannot eliminate this concern.
EDIT: Nor can his explanation that "all priests take confessions". Which is both entirely true and entirely beside the point.
 
So, transferring files from your computer to the cloud is part of the declared functionality. There is no need for any "independent auditor" to look for a "back door".
It follows you simply have to trust the company regarding what kind of analysis happens to them once they are in the cloud, who is given access to them once they are there and what is done with the results of this analysis.
Let's say an NSA specialist installs antivirus on his work computer and scans a drive which contains secret exploit tools. AV obviously (and correctly) detects malware, sends files to the cloud for analysis. That's what antivirus is supposed to do.
Would you honestly describe this situation as "Russian government hacking", or rather incompetence of the worker? The fundamental difference here, is that there is no malicious intention on the company's side.

What Kaspersky is being accused of is giving the Russian government unauthorized access to users' private files. Either unwillingly, through a vulnerability in their products, or willingly, through a backdoor.
 
Let's say an NSA specialist installs antivirus on his work computer and scans a drive which contains secret exploit tools. AV obviously (and correctly) detects malware, sends files to the cloud for analysis. According to declared functionality.
Would you honestly describe this situation as "Russian government hacking", or rather incompetence of the worker?
First and foremost, incompetence of the worker. I don't think this is even under question.
What Kaspersky is being accused of is giving the Russian government unauthorized access to users' private files.
Yes.
Either unwillingly, through a vulnerability in their products, or willingly, through a backdoor.
I think the main risk is that due to being located in Russia, Kaspersky is vulnerable to pressure from the Russian government, which may indeed have nothing to do with "hacking". As far as I understand, most(?) antiviruses create a depository of users' files in a cloud. Kaspersky may have been forced to give up access to this depository - either through threats, extortion or bribery. In short, this is a vulnerability that would have nothing to do with the code of their products, which could very well be up to every industry standard.
 