from the proactive-data-recovery dept.
Last week, The Wall Street Journal dropped a bombshell when it reported that Russian government hackers located confidential National Security Agency material improperly stored on an employee's home computer with help from Kaspersky antivirus, which happened to be installed. On Tuesday, The New York Times and The Washington Post provided another shocker: the Russian hackers were caught in the act by spies from Israel, who were burrowed deep inside Kaspersky's corporate network around the time of the theft.
The New York Times: How Israel Caught Russian Hackers Scouring the World for U.S. Secrets
The Washington Post: Israel hacked Kaspersky, then tipped the NSA that its tools had been breached (archive)
According to unverifiable sources, an NSA contractor stored classified data and hacking tools on his home computer, which were made available to Russian hackers through the contractor's use of Kaspersky Lab anti-virus software:
Russian government-backed hackers stole highly classified U.S. cyber secrets in 2015 from the National Security Agency after a contractor put information on his home computer, two newspapers reported on Thursday.
As reported first by The Wall Street Journal, citing unidentified sources, the theft included information on penetrating foreign computer networks and protecting against cyber attacks and is likely to be viewed as one of the most significant security breaches to date.
In a later story, The Washington Post said the employee had worked at the NSA's Tailored Access Operations unit for elite hackers before he was fired in 2015.
[...] Citing unidentified sources, both the Journal and the Post also reported that the contractor used antivirus software from Moscow-based Kaspersky Lab, the company whose products were banned from U.S. government networks last month because of suspicions they help the Kremlin conduct espionage.