Hackers working for Russia reportedly stole details of how the United States penetrates foreign computer networks and defends against cyberattacks after a National Security Agency contractor put the classified data on his home computer.
According to The Wall Street Journal, the Russian hackers might have targeted the NSA contractor because they identified the files through antivirus software he was using — made by Russia-based Kaspersky Lab.
The Journal reported the undisclosed 2015 security breach could be one of the most significant in recent years – and shows how Russian intelligence exploits a widely available commercial software product to spy on the United States.
The breach illustrates NSA's longstanding problem with keeping secrets from spilling out, former intelligence personnel told the Journal, noting they were rarely searched while entering or leaving their workplaces to see if they were carrying classified documents or items like a thumb drive.
The stolen material included details about how the NSA penetrates foreign computer networks, the computer code it uses for such spying and how it defends networks inside the United States, the Journal reported.
That kind of data could give Moscow information on how to protect its own networks, along with methods to breach U.S. networks and those of other nations, the Journal reported.
A spokesman for the NSA did not comment on the security breach, but said the Defense Department, of which the NSA is a part, has a contract for antivirus software with another company, not Kaspersky.
In a statement, Kaspersky Lab said it "has not been provided any information or evidence substantiating this alleged incident, and as a result, we must assume that this is another example of a false accusation."
The Kaspersky incident is the third publicly known breach at the NSA involving a contractor's access to a huge trove of highly classified materials — and prompted an official letter of reprimand to the agency's director, Adm. Michael Rogers, the Journal reported.
Rogers came into his post in 2014 promising to staunch leaks after the disclosure that NSA contractor Edward Snowden had, the year before, given journalists classified documents that revealed surveillance programs run by the United States and its allies.
According to the Journal, national security officials have long suspected Kaspersky Lab, founded by a computer scientist trained at a KGB-sponsored technical school, is a proxy of the Russian government, which under Russian law can compel the company's assistance in intercepting communications.
"You're basically surrendering your right to privacy by using Kaspersky software," Blake Darché, a former NSA employee who worked in the agency's elite hacking group that targets foreign computer systems, told the Journal.