Russian Hackers Exploited Kaspersky Antivirus To Steal NSA Data on US Cyber Defense: WSJ (wsj.com)
An NSA contractor brought home highly classified documents that detailed how the U.S. penetrates foreign computer networks and defends against cyberattacks. The contractor used Kaspersky antivirus on his home computer, which hackers working for the Russian government exploited to steal the documents, the WSJ reported on Thursday (the link could be paywalled; alternative source), citing multiple people with knowledge of the matter. From the report:
The hackers appear to have targeted the contractor after identifying the files through the contractor's use of a popular antivirus software made by Russia-based Kaspersky Lab, these people said. The theft, which hasn't been disclosed, is considered by experts to be one of the most significant security breaches in recent years. It offers a rare glimpse into how the intelligence community thinks Russian intelligence exploits a widely available commercial software product to spy on the U.S. The incident occurred in 2015 but wasn't discovered until spring of last year, said the people familiar with the matter. Having such information could give the Russian government information on how to protect its own networks, making it more difficult for the NSA to conduct its work. It also could give the Russians methods to infiltrate the networks of the U.S. and other nations, these people said.
Ahead of the publication of the WSJ report, Kaspersky founder Eugene Kaspersky tweeted, "New conspiracy theory, anon sources media story coming. Note we make no apologies for being aggressive in the battle against cyberthreats."
LOL (Score:2, Insightful)
OK fanboys, I've got the popcorn out, what is your new excuse why they should still be trusted? The nonsense people said last week was so rich, I'm waiting for it to grow even more absurd today as the cognitive dissonance builds and blinds them to the quality of their arguments.
Re: (Score:2)
Simple, Ruskies probably did the same to the OTHER antivirus co's. We just haven't heard about it yet.
Doesn't mean K is good, just that like the telecoms, their competition also sucks. In the land of D-minuses, D is king.
Re: (Score:3)
Your response is literal FUD. You do understand that, right?
Re: (Score:2)
So, why then is the Senate and DoD ready to ban them? Surely, they don't have an axe to grind for Trump's election.
Though, why would you spend U.S. tax dollars on a foreign product if there's a suitable product made at home?
Re: (Score:2)
Make Pancakes Tennis Again!
Re: (Score:2, Insightful)
According to the summary, an anti-virus product helped to protect against cyberattacks. Meanwhile, certain foreign government-sponsored hackers are complaining that some of their victims may now be able to defend themselves against some of their cyberattacks. This poses no additional risk to citizens of the U.S. unless the NSA chooses to withhold information about the exploits that they had been using.
Why who should be trusted, by the way? Were you addressing fanboys of the WSJ, the NSA, Kaspersky Lab, or t
Re: (Score:3)
Russian hackers / {crackers}? Your guess is as good as mine. Though they are pretty good at cracking DRM on video games, etc. I think I'm supposed to post something like: ----===Greetz Fr0m Raz0r 1911 to all the crews===----...
Oh wait, you meant Kaspersky. Still looking for some evidence there...I mean, they are Russian (I think?), but that's purely beyond their control (they were born that way).
Now, why the contractor was using last year's antiviral / anti-malware solution? Questions should be asked. I cou
Re: (Score:2)
Last year's antivirus? This happened two years ago.
Re: (Score:2)
Stupid is stupid and no way around that. But do enjoy your popcorn, that seems to be right down your alley, difficulty wise. But I would advise you to stay away from anything mentally more tasking.
Incidentally, you are being stupid by believing Kaspersky is any less trustworthy than their competitors.
Re: (Score:2)
Calling me names won't change the situation in any meaningful way.
Re: (Score:2)
Indeed. It will not make you any less of an idiot.
Re: (Score:3)
Do you mean trustworthy as a general attribute (probably more or less true, none of them picked up the Sony rootkit), or trustworthy to anyone in particular? I wouldn't trust Kaspersky for an installation with US government secrets, but I trust it as much as any other AV on my computer. If I'm to have spyware on my computer, I'd prefer Russian to US, since the Russians have a lot less potential inter
Re:LOL (Score:4, Insightful)
I'm willing to buy the argument that they were more easily exploitable because of their domestic Russian base -- that means vulnerable humans who can be turned through the usual apparatus of spycraft and domestic security services, as well as increased general vulnerability because of their geographic location.
That being said, I think any software producer whose products are expected to run at "ring zero" of security should be thought of as vulnerable, regardless of where they are based. I'm sure the intelligence services and security services long ago made the conceptual leap that these were vulnerable targets that would give them direct entry into high value targets due to the nature of their functional security requirements.
I think the chain of trust anymore is pretty much broken and it's not really very paranoid to consider anything secure.
Re: (Score:2)
There's an old truism when it comes to security: the moment that you feel secure is the moment when you are the most vulnerable.
No defense is impenetrable, and if you feel that yours are, it's very easy to overlook red flags that you've been penetrated.
Re: (Score:2)
Right, but that in no way implies that avoiding increased risks means you must be trusting something. You can be distrusting in general, and still be certain that some things can't be trusted.
No defense is impenetrable. Yet use of purported defenses with conflicts of interest is itself a red flag.
Re: (Score:2)
Absolutely! Trust no one!
On Linux when we run virus scanners for whatever reason, we run them in userspace.
That said, if you're on a system that needs active protection from virus scanners, then avoiding the vendors with an enhanced risk profile seems obvious. You have to trust somebody in that situation, but yeah, don't trust them very much; be ready to change later when somebody else appears to be the least risky, because it changes over time.
And avoid vendors outside your own country or allied countries.
Re: (Score:2)
> Absolutely! Trust no one!
Including the guy who says "Trust no one!", and including yourself.
Especially yourself. When it comes to security, the person in charge of a system or a network is its worst enemy.
Re: (Score:2)
I didn't say anything about trusting me, instead I expressed ideas that you can use or not. Making use of ideas requires first understanding them though.
What sort of nonsense would you have to be doing where trust of self would even come up as a security issue? Are you writing your own login code or something? Don't trust yourself, instead learn best practices about which parts to use stable libraries for.
Re: (Score:2)
> What sort of nonsense would you have to be doing where trust of self would even come up as a security issue?
Anyone who writes code, or configures a computer, or adds firewall rules, or picks programs to install should question whether they trust themselves too much, and whether a second and third set of eyes would be useful.
We are easily blind to the problems we ourselves introduce, and tend to trust our own judgement without questioning. And when the brown stuff hits the rotating thing, the natural reaction is to place blame elsewhere, and forget that we shouldn't have trusted our own judgement.
Re: (Score:2)
I don't get your reasoning.
I do little to annoy Russia, other than posting opinions on sites they sometimes troll, and having a friend who's blocked from entering Russia. Russians really can't do all that much to me without considerable effort.
However, I normally have opinions that conflict with those of assorted government officials in the US, which gives them more reason to hassle me than any Russian official has. Moreover, it's not that difficult for a police officer or IRS auditor or some other o
Re: (Score:2)
That's where you're wrong, they sell access to you to criminal gangs, who steal your money.
Domestic criminals have a much harder time getting that data; it doesn't seem to be even on the market to buy access here. In Russia they openly sell access to p0wned systems from any country not a Russian ally; in the US there is no such mainstream market.
Yeah, if you're a criminal and you're in the US, then in that case you'd have a higher threat profile from the US government; but the vast majority of people worrie
Re: (Score:2)
Are you saying that it's likely that Kaspersky would be coerced by the Russian government into giving out information that they then sell to criminal gangs? Do you have evidence? It sounds far-fetched to me. If I'm going to worry about that possible breach of security, I have to worry about US AV companies, since some of them can get pretty shady, and any market in AV-generated information isn't going to be accessible only from Russia.
Re: (Score:2)
Russia has one antivirus vendor they can leverage...
The NSA has several, as well as OS vendors and many other software vendors...
I'm sure the Russians are making use of any situation which is to their advantage, but it's naive to think the NSA and other intelligence agencies aren't doing exactly the same.
Re: (Score:2)
Or as they say in my country, "SQUIRREL!"
I'm not really that interested in network squirrels, or even urban squirrels.
Re: LOL (Score:2)
No one is making the claim that you should blindly trust the tribe on the other side of the mountain, but that those who allege that the current chief is the product, or even a pawn, of that other tribe need to have more evidence besides pointing to some wooden signs along the river.
Re: (Score:2)
When the other tribe has been your enemy for decades, you don't need more evidence to decide that it's more risky to buy products from them than your own tribe. It may or may not be fact based, but it's still prudent.
Re: (Score:2)
> No one is making the claim that you should blindly trust the tribe on the other side of the mountain, but that those who allege that the current chief is the product, or even a pawn, of that other tribe need to have more evidence besides pointing to some wooden signs along the river.
Um no. You don't trust everyone you pick up for sex, even though they may be as disease free as Jeebuz and pure as the driven snow.
You wear that rubber because there are some folks out there who just might have an STD, and you don't say hey Russia hasn't been unequivocally proven beyond a shadow of a doubt in a court of law in every country before you decide that you might want to think about not using Kaspersky's AV software.
Trustworthy SW is judged by software freedom. (Score:2)
Kaspersky's proprietary anti-malware software was never trustworthy. Kaspersky's anti-malware didn't recently become untrustworthy, and the year-plus long Russophobia didn't change anything nor does that craze amongst the war profiteers inform the current situation.
We judge software's trustworthiness by software freedom—the freedom to run, inspect, share, and modify published computer software. If a program is non-free (proprietary, user-subjugating) that program is untrustworthy regardless of what it
Re: (Score:2)
Then improve them until they do.
That's the great thing about software freedom: programmers can improve free software and make the technical limitations a thing of the past while retaining the software freedom. But non-free software's power and reliability doesn't become freedom-respecting as more features are added.
Re: (Score:2)
The NSA could trivially show proof of a backdoor or sidechannel in a two year old PUBLIC binary without exposing any secrets. If it was there they'd show it.
Ipso facto, it's not there ... fake news.
Re: (Score:2)
Nice hand waving. When has NSA ever publicly announced any of its findings? Get a clue.
Re: (Score:3)
As a former antivirus author, I suggest a third alternative:
Don't trust your computer to any antivirus. You give these programs full access to your machine, and they become an attack vector as well as slowing down the machine.
And it's not like they are going to stop zero day attacks anyhow, and that's the second biggest thing to worry about (after human gullibility).
Re: (Score:2)
Yes, with some simple precautions, you are reasonably safe.
- Do not browse porn or humor sites with flash enabled or without an adblocker.
- Do not open unsolicited e-mail attachments. Especially, don't treat the sender address as authentication - look for text that positively identifies that it's the real sender and why it was sent.
- If you get a suspicious pop-up, don't click its close button, because it could be a visual overlay for the "install" action. Use ALT-F4 to close the browser.
- If in Windows,
Re: (Score:2)
You left out:
- Do not browse sites with third-party ads with flash enabled or without an adblocker. My wife once got infected browsing the New York Times site, which fails badly to be either a porn or a humor site.
Re: (Score:2)
So why are people rushing to defend this attack on our country?
I'm not sure people are, as much as they're not impressed with our country's attack on We The People, even by foreign nationals in CIA's hire.
Plus, is it proven beyond doubt and Hanlon's razor that there was an attack on the attackers?
Idiot Contractor (Score:5, Insightful)
The problem here isn't Kaspersky and Russian hackers, they're just being opportunistic.
The REAL problem here is a dumb @$$ contractor who stole classified information and brought it home.
Why isn't the contractor, both company and employee, being punished for breach of secure information? Any other countries' spooks would want this info, including our allies.
Ahh that's right, let's just take this as an opportunity to bash Russia some more while our real enemy China is cleaning out both our industrial trade and military secrets! /sarcasm
Re: (Score:2)
> The problem here isn't Kaspersky and Russian hackers, they're just being opportunistic.
> The REAL problem here is a dumb @$$ contractor who stole classified information and brought it home.
> Why isn't the contractor, both company and employee, being punished for breach of secure information? Any other countries' spooks would want this info, including our allies.
> Ahh that's right, let's just take this as an opportunity to bash Russia some more while our real enemy China is cleaning out both our industrial trade and military secrets! /sarcasm
It is possible to have two problems at the same time. In fact, that's usually how disasters happen. The contractor needs denutted for what he did. But that doesn't mean that software designed to compromise a person's computer is supposed to be applauded as Hey, Everyone's doing it, so it's all good.
That isn't how the game works regardless of what you think. Contractor? At best a dumbass, at worst a leaker or actual spy. Kaspersky? Well everyone doing it or not, they were caught. And "Everyone does it" isn't
Re:Idiot Contractor (Score:5, Informative)
Do you have a copy of the terms of the contract that dictates what the contractor is and is not allowed to do? Can you provide information on relevant law governing information access? Can you cite what level of clearances are involved?
From TFA:
"An NSA contractor brought home highly classified documents that detailed how the U.S. penetrates foreign computer networks and defends against cyberattacks. The contractor used Kaspersky antivirus on his home computer...
As you can see in the above text, I've highlighted the areas that might help pull your head out of your ass.
"Home" computers are not something that is authorized for storing or transmitting highly classified information. Not to mention "home" building codes lacking SCIF-level TEMPEST protections. Regardless of my lack of access to specific contractual details, I'd say there's about a 0.0000001% chance that this bullshit was authorized in any way.
Re: (Score:2, Insightful)
Sure, it's all spelled out in the NISPOM:
https://en.wikipedia.org/wiki/... [wikipedia.org]
The most relevant section is Chapter 5:
http://www.dss.mil/documents/o... [dss.mil]
Nobody can take classified material home, ever. Nobody can put classified material onto an unapproved computer, ever. These are not things that change from contract to contract.
Re: (Score:2)
> Nobody can take classified material home, ever. Nobody can put classified material onto an unapproved computer, ever. These are not things that change from contract to contract.
Well, unless your name ends with Clinton and it's only classified pictures of North Korea... which we know because we have the emails where they were trying to spin that with their political hacks and they were worried that part would bite them :)
Re: (Score:2)
The legal treatment is different based on whether you mishandled classified information as a conscious act or not. (The law may not distinguish, but people who don't intentionally mishandle it are not prosecuted.) This guy almost certainly had to go through some procedures to get classified material to his home computer, and that suggests intention.
It's possible that the guy was not cleared to handle classified information, and therefore did not break the law, but in that case he should have had no acc
Re: (Score:2)
I discussed all the evidence of intent back here [slashdot.org] with full citations, including the entire Congressional hearing on the subject.
In Clinton's case, we have an email between her & Colin Powell discussing how to cheat the system. It's hard for me to read this and not think that either person knew exactly what they were doing.
Re: (Score:2)
Exactly what's wrong about this email? Powell and Clinton are discussing how to use their personal devices, which appear to be against security protocol, not the law. Powell warns Clinton that a device that has official government business on it could be classified as something having official documents, and subject to that law. Powell describes how he fought with security restrictions. I see no mention of classified documents or classifications. I see no mention of violating the law. (During both Po
Re: (Score:2)
As Comey noted, all the Top Secret was from PUBLIC SOURCES (newspapers).
The mere fact it was in the public domain did not reduce the classification
That said, unless you can prove she KNEW it was classified material, from the PUBLIC SOURCES, no case, no crime
Re: (Score:3)
Ah, but you forget that she sent/received content with portion marks. Public Sources do not generally portion mark their material. That stuff came from classified documents, was marked as classified, and should have been recognized by Hillary (and the rest of those reading the E-mails) as classified.
You are stopping at story #3 out of #4...
Story 1: I didn't use my private E-mail server for work E-mails, it was just wedding planning and Yoga schedules.
Story 2: I used it for work, but only for non class
Re: (Score:2)
And they were all stamped CONFIDENTIAL (c)
So like I said, all the TOP SECRET was from public sources, said the FBI confirmed by Comey
Re: (Score:2)
> That said, unless you can prove she KNEW it was classified material, from the PUBLIC SOURCES, no case, no crime
That's not true at all. In fact, some ideas are even born classified. ( https://en.wikipedia.org/wiki/... [wikipedia.org] ).
Also, if a newspaper reporter gets classified documents and writes a story about it, FOR MOST CASES, no crime on their part, and they knew it was classified. The person handing it over, whether they "knew it was classified" or not is the liable party. Otherwise the law would be completely unenforceable. Imagine if you could get out of murder by saying "I didn't know murder was illegal."
Re: (Score:2)
Therefore, unless she KNEW it was classified...get it Trumpian?
Re: (Score:2, Interesting)
Not quite: If you are the recipient of classified information, marked or unmarked, emailed to you, you have a responsibility to report it. Not doing so is a violation - probably not a jailable violation, but your next security briefing would be uncomfortable to say the least, and you probably would be denied anything above flat SECRET clearance in the future. Back in my classified days, I once received (from a government lab employee) a series of SECRET, oh, let's call them numbers. The guy obviously didn
Re: (Score:2)
Actually, what Comey said is that people who did what she did weren't prosecuted. In my research, that seems to be correct. What Clinton did is normally handled administratively. It may result in temporary or indefinite loss of clearance, or being fired, and is probably a career-limiting move.
Re: (Score:2)
Because of Hillary Clinton.... She E-mailed classified stuff around the planet on her personal E-mail server without so much as ROT 13 encryption... BUT.... James Comey decided that it wasn't a crime and announced to the world that he didn't think she could be charged because she had no intent to be careless.
If Hills can, why not this contractor? After all, it wasn't their INTENT to share it with the Russians and they presumably didn't E-mail it to anybody.
(Sarc off)
Show me where Hillary actually mailed known classified material using her server. Oh right, you can't. (snip)
I understand you hate Hillary, I don't like her either, but at least stick to facts.
I believe your facts are a bit behind the truth. Comey's guys found E-mail MARKED classified which Hills sent/received. You need to read that again... The content carried portion marks that indicated it was classified. What's worse, it was literally cut and pasted from a classified document into an unclassified E-mail.... (Perhaps not by Hillary, but by SOMEBODY, and that means classified was improperly put on an unclassified system..)
Hillary claims that she didn't see and understand what these marks
Re: (Score:2)
Seriously? The markings mean nothing?
You are either daft or just flat don't know what you are talking about. What do you suppose those things in () in front of each paragraph actually are and what do they mean? Those are portion marked. Here is some material you need to read: https://www.archives.gov/files... [archives.gov]
FIRST: The FBI isn't going to just post the E-mails in question unless they got them declassified. That would be mishandling classified and SOME folks in the government actually try to follow th
Re: (Score:2)
Read all you want, but the fact remains that this issue with Clinton cost her the presidency... Maybe she made a mistake or was actually criminally negligent, but the facts are that she tried to deflect this issue by downplaying it and was forced to admit to more and more serious infractions as the facts came to light. Had she come clean when this story first came to light, she'd likely be president right now.
And I don't agree with your characterization of her e-mails and their contents as not being seri
Re: (Score:2)
She just didn't care. It's not that hard to keep things separated, it's a pain in the butt, but doable if you have half a care about what you are doing.
Hillary didn't care. She either didn't care enough to educate herself in the proper protection of our nation's most sensitive information, or she didn't care enough to protect it. Take your pick... Either way, it reflects badly on her.
My guess is she knew what this stuff was. It's not like she's a novice with this stuff. She's held clearances off and
Re: (Score:2)
Yea, I don't know anything at all about handling classified information... Of course I could claim to have various clearances for 50 years but this is the internet, I could claim anything about myself and you'd not know the difference.
This "other folks did it" is a dodge. No they didn't, not with classified information, not to this extent and certainly they didn't lie about having done it. In both cases they provided access so the archives could be made in accordance with the law. Clinton? Not so much
Re: (Score:2)
She lied.... Well, perhaps she didn't care enough to find out the actual truth and didn't remember so she invented a story to spin out of the problem.... But her story changed over the 18 months it was an active news story and she had to modify her story on multiple occasions as new facts came to light. I've outlined this before.. She went from "It wasn't used for work.." To "It was only for convenience and didn't have classified information on it." to "It didn't have anything MARKED classified on it" to whe
Re: (Score:2)
Oh yea.. Here comes the Powell did it and Clinton just forwarded stuff dodges... I can tell, there is no point in trying to move you forward here or correct your facts... She made deplorable mistakes through lack of caring and acted like the rules didn't apply to her, what other folks did is immaterial to her problem.
Give it up, she lost the election likely because of all this hoopla if truth be told. Hoopla she brought on herself, but still won't admit... But that's a whole other debate...
Re: (Score:2)
LOL, and you are defending the gal who's getting written a speeding ticket for doing 20 over by saying "Look at all those other folks doing 5 over! What about them?" I'm not dismissing them, I'm just pointing out that it's not a defense of what Clinton did.
Clinton either lied or simply didn't care enough to know the truth before she made specific public assertions of her innocence to the press. She then had to change her story, not once, not twice, but four times.... It cost her the White House and almost g
Re: (Score:2)
Clinton screwed up. She did nothing that warrants prosecution, or would have gotten anyone else prosecuted.
Re: (Score:2)
Politifact isn't exactly a right-wing source either. Both sides like to ignore or forget facts that don't fit the agenda.
And perhaps there would have been more, had she not instructed people to *remove* those markings:
https://www.cbsnews.com/news/state-department-releases-more-clinton-emails-several-marked-classified/
CBS isn't a right-wing source either.
Look, she was still a better choice than Trump by lightyears, but it does no one any good to continually pretend t
Why was he allowed to take the docs home?! (Score:2)
Although doesn't this:
> Note we make no apologies for being aggressive in the battle against cyberthreats.
Sound like a tacit admission?
Re:Why was he allowed to take the docs home?! (Score:4, Insightful)
> Although doesn't this:
> > Note we make no apologies for being aggressive in the battle against cyberthreats.
> Sound like a tacit admission?
No, it does not. It merely says that if the Kaspersky scanner detected files it suspected of being malware but did not know yet (e.g. because the identification was via suspicious behavior pattern, not code signature), it phones home. That is standard behavior and no secret. In fact, you agree to that in the license and it can, I believe, be switched off.
So what likely happened here is that the Kaspersky product was configured to send suspected, but yet unknown, malware files to Kaspersky and it did correctly identify some NSA malware as such and sent them to Kaspersky. I mean, seriously, this is what correctly working AV is supposed to do. This whole thing is much more likely about the NSA being butthurt that their criminal activity (criminal everywhere outside the US that is) was discovered and that their respective malware is now detected by Kaspersky. Add to that a few creatively misleading statements to the WSJ reporters (who have zero understanding of what is going on and how the respective technology works) and you have what the WSJ is reporting now.
Re: (Score:2)
It does not explain how it got OUT of Kaspersky's labs and into the hands of Russian hackers.
So essentially - any antivirus program will essentially spy on you and upload any personal documents it claims looks "suspicious".
It's like having the TSA installed on your computer.
Re: (Score:2)
It does not even explain that it got from Kaspersky to the Russian hackers. It may have taken another path. Or it may have been given to other parties (including other AV vendors and to government agencies) after analysis showed it was malware and not personal files. AV vendors do that all the time, and some organizations can pay for that data-stream as well.
Yes, every AV spies on you if you allow it to. Configuring AV is one place where you should pay attention.
And no, I am not particularly fond of Kaspers
Well, given that the NSA spies worldwide (Score:2)
And very likely with pretty much the methods described, I think this cannot get much more hypocritical. And while we _know_ the NSA does this, we only have a scare-story that may turn out to be a complete fantasy on the Russians and Kaspersky.
Is it so easy to bring home classified stuff? (Score:3)
I’m a bit puzzled: aren’t highly confidential documents stored, viewed and edited only on secured computers? Is it really that easy for a contractor (or even an employee) to grab a copy and leave with it, entirely unnoticed?
Re: Is it so easy to bring home classified stuff? (Score:4, Interesting)
Sadly, yes it is.
Many years ago when I was doing the Navy thing, I would find classified stuff just laying about, unsecured in staterooms.
( Security patrols in case you're wondering why I was even in Officer's Country )
The vast majority of it was documentation of various things found on a ship that was tossed onto a table or rack ( bed ) in a stateroom. Easy to spot due to the color of the cover sheets. ( blue, red, orange, etc )
Apparently the junior officers thought closing the door to their stateroom was enough to protect it. :|
I thought about hiding it from them just to watch the panic set in when they realized a Secret book was now missing, but it would have ended their careers, so I usually just educated them on it.
Stuff up to Secret levels only. Most TS+ and Crypto related stuff required 2-person control and they were much more protective of it.
Re: (Score:2)
I never did classified work, but when I worked at a defense contractor that did this in the 80s, they were highly paranoid. Even for non-classified work they did not let me take storage devices into or out of the company without authorization. Secure documents were only allowed in secure buildings, and I was not allowed into those buildings until they turned on the flashing lights to tell everyone to hide their papers and turn off their monitors. We had a tunnel to move documents between buildings so that
Quite possibly business as usual... (Score:2)
1) Any intelligence agency that doesn't look for exploits in commonly used tools isn't doing their job.
2) Kaspersky is a great target for exploit research no matter who you are.
3) It's common practice to keep identified exploits secret for high value zero day attacks JUST like this.
4) Also standard practice to request (or steal) source from domestic (or vulnerable) corps to make exploit location easier.
Not to defend Kaspersky (cause who knows?) but this just sounds like a normal day at the office for this pr
The real problem here (Score:2)
is the fact the employee brought home classified documents which somehow found their way onto their home ( read that: Unlikely certified to handle classified information ) computer.
Normally, I would consider this unlikely, but apparently keeping classified info on private systems / servers is all the rage these days :|
Re: (Score:2)
> is the fact the employee brought home classified documents which somehow found their way onto their home ( read that: Unlikely certified to handle classified information ) computer.
> Normally, I would consider this unlikely, but apparently keeping classified info on private systems / servers is all the rage these days :|
I understand the confusion.. Apparently if you don't "intend" to mishandle classified, you can do what you want, including sending it via E-mail to everybody and their brother in unencrypted form. Just be sure to "wipe" that server "with a cloth" should you get questioned on this...
James Comey said so!
Re: (Score:2)
From a legal point of view, you're pretty much right. Unintentional mishandling is not prosecuted. I suspect it's a policy matter, so that people who have made a mistake won't be afraid of hard time should they report it or fail to cover it up.
Re: (Score:2)
Continued mishandling of classified, albeit unintentional or not, IS a disqualifier however. Seriously, if you make a mistake or two, I'm sure they will be reasonable, require some remedial training in the areas where you are making mistakes and keep an eye on you for a while. If you keep messing up, they are going to eventually yank your access and kick you to the curb because you don't seem well suited for the work you are doing.
However, intent is not necessary to break the law here. If you are careles
Re: (Score:2)
Continued misbehavior is when a person is warned about his or her behavior and persists in it anyway. It doesn't have anything to do with the length of time the person has been misbehaving. Misbehavior that doesn't occur after a warning isn't continued. If someone has made a mistake, and no attention is called to it, that person is likely to continue making that mistake. Only if the misbehavior continues after a warning is it a matter of conscious choice.
The thing about criminal negligence is that it
SMH (Score:2)
"An NSA contractor brought home highly classified documents"
^^^ THIS
What contracting company. (Score:2)
Booz Allen had been running up a nice streak but lost that with Reality Winner, so have that pushed forward and tried to start streak two?
and it wasn't even vodka (Score:2, Funny)
Russians drank all my beer! Just the other day I bought a six-pack, and now it's gone. Goddammit I blame the Russians!
Re: (Score:2)
Next time try putting a mouse in the container and blame it on the brewery [wikipedia.org].
Re: and it wasn't even vodka (Score:2)
Fool! I'm not a Putinbot - I'm a NORKBOT! Great Leader Kim Il-sung personally programmed me, shortly after he invented the Internet.
Nothing could be better for the glorious Democratic People's Republic than to set the Yankee imperialists and the Muscovite capitalist restorationists at each other's throats. That's why I always say, BLAME RUSSIA! Workers and peasants in America have been so brainwashed and driven mad by capitalism, they will believe anything.
Remember: THE RUSSIANS DID IT!
What am I missing? (Score:2)
Am I understanding correctly? Of course I didn't read TFA, but from the summary I'm guessing that dude had Kaspersky antivirus, and when he loaded the files it sent them home for scanning, and since they're a Russian company the Russian government has access to the files. This doesn't really make sense to me. It would make sense that it could send the checksums back home to compare, except even that doesn't make a lot of sense, since the "virus database" (aka a list of checksums of flagged blocks) should be
Re: (Score:2)
Documents get taken home from work and existed on some home network computer.
Some outside network discovers the documents that have never been in the wild before. The bad people have all the "checksums" for random US gov documents and scan the world for them?
Data gets sent back up the network nobody has noticed on any other version of the product range...
Russia.
More cyber fiction.
Taking it home? (Score:2)
Re: (Score:2)
I've worked in banks, you cannot remove data from a PC without the drive being encrypted first. That drive can only be read by the bank's PCs, and there are layers of security etc around that as well. Who can actually take data, who can read that data, etc. etc.
Most of the bank's data is per
Re: (Score:2)
I was a contractor for a financial firm around 2006, and I had a work-issued laptop. It had full-disk encryption, integrated with the Windows logon. While putting Visual Studio on it, IT managed to hose it somehow so it could not get into Windows.
This gave IT a real problem. The disk was encrypted, and the encryption could not be broken. IT was required to pull all information off disks before destroying or reformatting them, and the information was completely inaccessible. They kept that laptop for
Here's what probably happened (Score:2)
An NSA contractor stole highly classified documents, but before he could sell them, they got stolen.
Because he had no other reason to take home classified documents.
Re: (Score:2)
Possibly, or he could have just been doing so out of laziness/convenience, a la Clinton.
Ask reddit... (Score:2)
Re: (Score:2)
Personal computers come with lots of crapware nowadays, and a tool to remove it all is useful.
Re: (Score:2)
It's a great story. It never gets old.
True dat.. Been going on for almost 80 years now...
Re: (Score:2)
The story isn't saying that the anti malware program is a front for cyber warfare. It is saying that the program was hacked. No evidence that they were willingly hacked or assisted in undermining their own product. And it was an older version of Kaspersky. Hacking an antivirus is a big target, it gets you past the front door and into the bedroom.
Re: (Score:2)
Re: (Score:2)
You say that as if nothing replaced the KGB. Hell, Putin was KGB. Who do you think his cronies are?
Re: (Score:3)
Re: (Score:2)
This was almost certainly intentional mishandling of classified materials, and that is normally prosecuted as a felony.
The line between prosecution and no prosecution is normally if the violation was done deliberately or not. This looks awfully deliberate.