
SoylentNews is people

posted by janrinok on Thursday June 11 2015, @01:16PM
from the doctor-heal-thyself! dept.

The BBC reports:

One of the leading anti-virus software providers has revealed that its own systems were recently compromised by hackers.

Kaspersky Lab said it believed the attack was designed to spy on its newest technologies.

It said the intrusion involved up to three previously unknown techniques.

The Russian firm added that it was continuing to carry out checks, but believed it had detected the intrusion at an early stage.

Although it acknowledged that the attackers had managed to access some of its files, it said that the data it had seen was "in no way critical to the operation" of its products.

Additionally, an Anonymous Coward also provides an article from Der Spiegel, which says:

Analysts at Kaspersky's Moscow headquarters had already been familiar with important features of the malware that was being used against them. They believe it is a modernized and redeveloped version of the Duqu cyber weapon, which made international headlines in 2011. The cyber weapons system that has now been discovered has a modular structure and seems to build on the earlier Duqu platform.

In fact, says Vitaly Kamluk, Kaspersky's principal security researcher and a key member of the team that analyzed the new virus, some of the software passages and methods are "very similar or almost identical" to Duqu. The company is now referring to the electronic intruder as "Duqu 2.0." "We have concluded that it is the same attacker," says Kamluk.

When asked who they believe could be behind the software, Kaspersky officials are typically vague -- which is the typical attitude shown by international IT security vendors when it comes to the question of attribution. The modular Duqu arsenal is "extremely complex and very, very expensive," says Kamluk. "Cyber criminals are not behind this. We are probably dealing with nation-state attackers." As is often the case in the difficult search for the true originators of cyber attacks, which technology can easily cover up, the targets themselves could provide the best clues about who may have perpetrated the attack.

It also suggests that Israel could be behind the attack, although this seems rather speculative.



 
  • (Score: 1) by dj245 (1530) on Thursday June 11 2015, @06:51PM (#195095)

    Last time I checked, their anti-virus product was among the best, when it comes to actually catching viruses.

    I always like to check claims like these. Kaspersky does seem to be consistently among the best [av-comparatives.org]. The depressing thing is that a 99.4% catch rating means that 1 out of every 166 threats gets through, at least until that one threat is recognized. And there are a lot of threats out there. You could even run multiple malware protections but eventually statistics might catch up to you.

  • (Score: 0) by Anonymous Coward on Thursday June 11 2015, @07:08PM (#195102)

    It's part of the windoze tax.

  • (Score: 2) by Wootery (2341) on Saturday June 13 2015, @01:16AM (#195588)

    You could even run multiple malware protections but eventually statistics might catch up to you.

    They might not get along together, and even if they did, the few that slip past Kaspersky are likely to also be getting past most of their rivals as well. The overlap on false-negatives is probably pretty high.