Russians used Kaspersky software for hacks, Israeli spies report

Israeli intelligence officials spying on Russian government hackers found they were using Kaspersky Lab antivirus software that is also used by 400 million people globally, including U.S. government agencies, according to media reports on Tuesday.

'Kaspersky Lab does not have inappropriate ties to any government, including Russia,' company says

A picture taken on October 17, 2016 shows an employee typing on a computer keyboard at the headquarters of Internet security giant Kaspersky in Moscow. Israeli spies say they hacked into Kaspersky's network and found tools that could only have come from the U.S. National Security Agency. (Kirill Kudryavtsev/AFP/Getty Images)

Israeli intelligence officials spying on Russian government hackers found they were using Kaspersky Lab antivirus software that is also used by 400 million people globally, including U.S. government agencies, according to media reports on Tuesday.

The Israeli officials who had hacked into Kaspersky's network over two years ago then warned their U.S. counterparts of the Russian intrusion, said The New York Times, which first reported the story. 
That led to a decision in Washington only last month to order Kaspersky software removed from government computers.

The Washington Post also reported on Tuesday that the Israeli spies had also found in Kaspersky's network hacking tools that could only have come from the U.S. National Security Agency. 
After an investigation, the NSA found that those tools were in possession of the Russian government, the Post said.

An employee of Kaspersky Lab works on computers at the company's headquarters in Moscow, Russia. Kaspersky told the Washington Post the company 'does not possess any knowledge' of Israel's hack. (Pavel Golovkin/Associated Press)

And late last month, the U.S. National Intelligence Council completed a classified report that it shared with NATO allies concluding that Russia's FSB intelligence service had "probable access" to Kaspersky customer databases and source code, the Post reported.

That access, it concluded, could help enable cyberattacks against U.S. government, commercial and industrial control networks, the Post reported.

The New York Times said the Russian operation, according to multiple people briefed on the matter, is known to have stolen classified documents from a National Security Agency employee who had improperly stored them on his home computer, which had Kaspersky antivirus software installed on it.

It is not yet publicly known what other U.S. secrets the Russian hackers may have discovered by turning the Kaspersky 
software into a sort of Google search for sensitive information, the Times said.

The current and former government officials who described the episode spoke about it on condition of anonymity because of classification rules, the Times said.

The newspaper said the National Security Agency and the White House declined to comment, as did the Israeli Embassy, while the Russian Embassy did not respond to requests for comment.

The Russian embassy in Washington last month called the ban on Kaspersky Lab software "regrettable" and said it delayed the prospects of restoring bilateral ties.

Kaspersky denies involvement

Kaspersky Lab denied to the Times any knowledge of, or involvement in, the Russian hacking. "Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage efforts," the company said in a statement on Tuesday.

Eugene Kaspersky, the company's co-founder and chief executive, has repeatedly denied charges his company conducts espionage on behalf of the Russian government.

Kaspersky spokeswoman Sarah Kitsos told the Washington Post on Tuesday that "as a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight." She said the company "does not possess any knowledge" of Israel's hack, the Post said.
U.S. intelligence agencies have concluded that Russian President Vladimir Putin ordered a multipronged digital influence operation last year in an attempt to help Donald Trump win the White House, a charge Moscow denies. 


To encourage thoughtful and respectful conversations, first and last names will appear with each submission to CBC/Radio-Canada's online communities (except in children and youth-oriented communities). Pseudonyms will no longer be permitted.

By submitting a comment, you accept that CBC has the right to reproduce and publish that comment in whole or in part, in any manner CBC chooses. Please note that CBC does not endorse the opinions expressed in comments. Comments on this story are moderated according to our Submission Guidelines. Comments are welcome while open. We reserve the right to close comments at any time.