The Trump administration put a ban on the products of Moscow-based Kaspersky Lab last month, starting a stream of allegations and speculation. While the government hasn't clarified exactly why it's banning the use of Kaspersky antivirus products in federal agencies, a report released last week revealed that the reason could be Russians using the program to get into a US intelligence official's computer. Now, Israel has joined this US-Russia spectacle, which has continued since at least the summer of 2016, when Russia was first accused by private security firms of trying to influence US elections.
Turns out the US government banning Kaspersky products could be because of Israeli intelligence, a new report has revealed. The cybersecurity drama turned even more explosive as the report suggests that it was Israel that hacked into Kaspersky's systems and discovered that Russians were using the product as their "search engine." The Israeli hackers saw Russians scour "computers around the world for the code names of American intelligence programs," according to the latest The New York Times report.
The country then informed the US government of the successful spying attempts carried out by Russia, leading to the latest ban.
Israel hacked Kaspersky to install backdoors & caught Russia spying on US
The report makes some explosive revelations, bringing Israel to the forefront of the increasingly tense US-Russia relationship. It claims that Israeli intelligence officers looked on in real time as Kremlin-backed hackers searched computers around the world for the code names of American intelligence programs using Kaspersky, which the report calls Russia's "improvised search tool."
"What gave the Russian hacking, detected more than two years ago, such global reach was its improvised search tool — antivirus software made by a Russian company, Kaspersky Lab, that is used by 400 million people worldwide, including by officials at some two dozen American government agencies."
Citing people "who have been briefed on the matter" but spoke anonymously due to classification rules, the report conclusively suggests that this Israeli information was the reason why the Trump administration finally decided to release a directive instructing the removal of Kaspersky software from government computers.
"What additional American secrets the Russian hackers may have gleaned from multiple agencies, by turning the Kaspersky software into a sort of Google search for sensitive information, is not yet publicly known," the report adds.
At least two dozen US government agencies use the AV firm's products, including the State Department, the Department of Defense, Department of Energy, Justice Department, Treasury Department and the Army, Navy and Air Force.
Kaspersky had reported Israeli intrusion back in 2015
In a public report published in 2015, Kaspersky had revealed that state-sponsored hackers had breached its systems and gone undetected for months. While the AV firm hadn't named the nation responsible for the breach, it had reported that the attackers bore similarities to Duqu, which was in turn linked to the infamous Stuxnet cyberweapon, a joint American-Israeli operation that successfully infiltrated Iran’s nuclear facility.
However, Kaspersky's research had revealed that Israel was possibly working alone, as some of its targets were also Americans. Israel had managed to implant multiple backdoors into Kaspersky’s systems to steal passwords, take screenshots, and collect emails and documents. The country used the tool primarily to target individuals in meetings from which it was excluded.
Apparently, during its mission to spy on high-profile targets, the country also discovered that Russia was engaged in similar tactics using the same product. After being booted out of Kaspersky (hopefully), the country informed the United States of Russian hackers specifically looking for US intelligence programs. According to the NYT report, they also provided the US with "solid evidence of the Kremlin campaign in the form of screenshots and other documentation" that eventually resulted in a kind of blanket ban on Kaspersky products.
Kaspersky has maintained that the firm "has never helped, nor will help, any government in the world with its cyberespionage efforts." However, in its statement, the Department of Homeland Security had said that the risk is too big to ignore.
"The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security."
Starting with: if this is true, some "current and former US officials" just leaked and blew a highly classified Israeli counter-intelligence op. Good job guys.
— Pwn ██ ██ ███ (b)(5) (@pwnallthethings) October 10, 2017
Even if Kaspersky wasn't complicit in the Russian or Israeli activities, the latest disclosure reveals that at least two countries were able to break into the company's systems and use them for surveillance and data collection. It also adds to the NSA's problems, as yet another official (or officials) is ready to leak classified information to the media. Israel may not be too happy with the US right now...