Ramblings of an old Doc
a pattern is emerging
Published on October 7, 2017 By DrJBHL In Personal Computing

 

Spy vs. Spy vs. Spy. "Who's on first?"...one's tempted to ask.

How did it all get started? This incendiary piece. Summary:

"The unnamed contractor removed the material from the NSA and stored it on a home computer that ran a version of Kaspersky AV. The material, according to the unnamed sources, included "details about how the NSA penetrates foreign computer networks, the computer code it uses for such spying, and how it defends networks inside the US." Sometime in 2015, the material was stolen by Russia-sponsored hackers who "appear to have targeted the contractor after identifying the files through the contractor's use" of the Kaspersky AV. The breach was discovered in the first three months of 2016.

The post continued:

US investigators believe the contractor's use of the software alerted Russian hackers to the presence of files that may have been taken from the NSA, according to people with knowledge of the investigation. Experts said the software, in searching for malicious code, may have found samples of it in the data the contractor removed from the NSA.

But how the antivirus system made that determination is unclear, such as whether Kaspersky technicians programed the software to look for specific parameters that indicated NSA material. Also unclear is whether Kaspersky employees alerted the Russian government to the finding.

Investigators did determine that, armed with the knowledge that Kaspersky's software provided of what files were suspected on the contractor's computer, hackers working for Russia homed in on the machine and obtained a large amount of information, according to the people familiar with the matter." - WSJ

The history's a bit longer though:

In September 2015, Google Project Zero researcher Tavis Ormandy said his cursory examination of Kaspersky AV exposed multiple vulnerabilities that made it possible for attackers to remotely execute malicious code on computers that ran the software. If the hackers had knowledge the NSA contractor was using the Kaspersky AV, it's at least feasible they exploited those vulnerabilities or similar ones to identify the sensitive materials and possibly also steal them. - Ars Technica

They were subsequently patched, as were similar defects in other security software. In July 2016, this, along with Wikileaks material and actual hacking tools, caused Congress to request material on Kaspersky from various agencies, and it wanted to bar the Pentagon from using Kaspersky's software. Now, all agencies (the whole Federal gov't.) are forbidden to use Kaspersky's software on any of their computers.

My pov? Let's go back to the beginning: How did a contractor get the NSA files onto his computer (which also had Kaspersky software)? Seems to me NSA's security sucks, too...not just the whole leaky sieve that is the US government.

Some biographic info on Kaspersky: Eugene Kaspersky studied cryptography, programming and mathematics at an academy operated by the KGB, the FSB’s Soviet-era predecessor, then worked for the Ministry of Defense. Well, that's the way Russia works...

At the risk of angering Jafo, I'm not getting Kaspersky on my machines...not that I think the Russians give a tinker's damn about me, any more than any other American citizen.

 

Sources:

https://www.wsj.com/articles/russian-hackers-stole-nsa-data-on-u-s-cyber-defense-1507222108

https://www.reuters.com/article/us-usa-kasperskylab-probe/exclusive-congress-asks-u-s-agencies-for-kaspersky-lab-cyber-documents-idUSKBN1AD2H0

http://www.chicagotribune.com/news/nationworld/ct-kaspersky-cyber-russia-spy-agency-20170703-story.html

http://www.politico.com/tipsheets/morning-cybersecurity/2017/07/26/whats-next-in-congress-for-the-pentagon-kaspersky-lab-ban-221535

https://arstechnica.com/information-technology/2017/10/the-cases-for-and-against-claims-kaspersky-helped-steal-secret-nsa-secrets/

http://thehill.com/policy/cybersecurity/350492-trump-admin-bans-kaspersky-software-in-federal-agencies

Comments (Page 1)
on Oct 07, 2017

Where the heck are Rocky and Bullwinkle when you need them?  No, not making light of your post, I just don't know what to say......

on Oct 07, 2017

IMO, it shows how complacent this (blank) government has become. Thinking they're all so high and mighty...  

Ending rant before I get into trouble.

on Oct 07, 2017

"Reds under the beds".

99% of what is supposed to have transpired is bullshit....and the rest of it is just rubbish...

The phrase 'beat-up' comes to mind.

Kaspersky won't steal your first-born....it just happens to be Russian.  Russians have computers too....and need AVs....just like 'normal' people....

on Oct 07, 2017

Sure.  Absolutely should just be ignored.  Nothing to see here.  About 99.9% of us don't have NatSec info on our computers, after all.

on Oct 07, 2017

Daiwa

 About 99.9% of us don't have NatSec info on our computers, after all.

 

Other than I have lots of information about aliens threatening Earth.

on Oct 07, 2017

See? Told youse guys Jafo'd wanna kill me.

Actually, security software comes in 2 flavors, folks: FSB or NSA - don't think we're immune to it: We aren't. Our cybersecurity folks have meetings about which holes to report and which to leave in. Netscape Navigator had 8 bit coding for a reason, after all. Spy vs. Spy vs. Spy.

https://tools.cisco.com/security/center/viewAlert.x?alertId=8153

 

on Oct 07, 2017

Hmmm, so glad I have a good supply of custom-made tinfoil hats for my PCs, to prevent probing and hackers, etc..  I mean, why should I be the only one with tinfoil protection!!!!

on Oct 07, 2017

No problem to me. I'm an alien in my own mind anyway.       

on Oct 07, 2017

tetleytea

Other than I have lots of information about aliens threatening Earth.

Like the drunk who claims to be from the future, year 2048, with a warning of an imminent alien invasion. Who'da thunk it.   

on Oct 07, 2017

Like the drunk who claims to be from the future, year 2048, with a warning of an imminent alien invasion. Who'da thunk it. 

Yeah, like who comes back from 2048 drunk?

 

on Oct 07, 2017

tetleytea


Like the drunk who claims to be from the future, year 2048, with a warning of an imminent alien invasion. Who'da thunk it. 



Yeah, like who comes back from 2048 drunk?

 

IIRC, he said he wasn't a drunk, but that the aliens had pumped him full of alcohol to help him survive the time travel  

on Oct 07, 2017

Publius of NV

IIRC, he said he wasn't a drunk, but that the aliens had pumped him full of alcohol to help him survive the time travel

If only they did that for the anal probes as well.  Yeah, it would be less traumatising if yer blotto and can't remember it.

on Oct 07, 2017

DrJBHL

security software comes in 2 flavors, folks: FSB or NSA

the_Monk is having a nice cold beer about now.

on Oct 07, 2017


the_Monk is having a nice cold beer about now.

Or a Canadian Club.  Leastways he won't remember being probed.   

on Oct 08, 2017

starkers


Quoting Publius of NV,

IIRC, he said he wasn't a drunk, but that the aliens had pumped him full of alcohol to help him survive the time travel



If only they did that for the anal probes as well.  Yeah, it would be less traumatising if yer blotto and can't remember it.


How do you know they aren't already doing this?  Maybe the aliens are just getting better at it. (or started using a better grade of booze?)
