Does alleged NSA hack of Kaspersky signal new front in cyberwar?
-
Fred Weir Correspondent
| Moscow
The latest Edward Snowden revelations 鈥 an alleged hack of a prominent Russian software firm 鈥 are creating a big stir here.聽
According to聽 Monday, the US National Security Agency and its British counterpart, GCHQ, targeted major Internet security firms, including Kaspersky Labs. They allegedly did so to聽reverse-engineer their antivirus products, enabling them to spy on protected networks.聽
A 2008聽聽published by the whistleblower site says the aims of penetrating Kaspersky's most sensitive systems might include "modifying commercially available software to enable interception, decryption 鈥 or 'reverse engineering' software鈥 to understand how it works.
The warrant was needed because Kaspersky maintains an office in Britain. The request says that targeting the Russian IT giant was necessary because "personal security products such as the Russian anti-virus software Kaspersky continue to pose a challenge to GCHQ鈥檚 CNE [Computer Network Exploitation] capability. And SRE [software reverse-engineering] is essential in order to be able to exploit such software and to prevent detection of our activities."
An NSA slideshow presentation about the covert operation, dubbed "," lists two dozen companies that were targeted. They include several Russian companies, including Kaspersky and the state arms export company Rosoboronexport, but also well-known Czech, Finnish, Slovakian, and Romanian anti-virus providers.聽No US- or British-based firms are listed.
Russian media have reacted with predictable outrage to the revelations. The Kremlin-funded聽English-language channel RT suggested that Kaspersky, which has an estimated 400 million clients worldwide, by Western intelligence agencies because of its technical proficiency.
Kaspersky said in a statement that it was investigating the allegations. "We find it extremely worrying that government organizations are targeting security companies instead of focusing their resources against legitimate adversaries and are actively working to subvert security software that is designed to keep us all safe," it said.
In recent years, Kaspersky has played a key role in unmasking alleged US cyberweapons such as Stuxnet, a sophisticated program used to attack the computer systems at聽鈥檚 main nuclear enrichment facilities, and a similar program known as Flame.
Earlier this year, Kaspersky accused US intelligence agencies of聽聽inside computers made by leading global manufacturers.
And just this month the company's founder, Eugene Kaspersky, blogged that Kaspersky聽had uncovered an "" on its internal networks by an unnamed state actor. He wrote that the malicious software, which he labeled Duqu 2.0, is a generation ahead of anything the firm has previously seen.
While Mr. Kaspersky鈥檚 blog post could be a bit of calculated self-promotion 鈥 a common strategy in the sector 鈥 experts say there's little doubt that the latest Snowden revelations point to an escalating cyberwar of all-against-all that is probably much worse than is publicly acknowledged.
"It鈥檚 another clear signal we need globally-accepted rules of the game to curb digital espionage and prevent cyberwarfare," Kaspersky wrote about Duqu 2.0. "If various murky groups 鈥 often government-linked 鈥 treat the Internet as a Wild West with no rules and run amok with impunity, it will put the sustainable global progress of information technologies at serious risk. So I鈥檓 once again calling on all responsible governments to come together and agree on such rules, and to fight against cybercrime and malware, not sponsor and promote it."
