US officials: Kaspersky "Slingshot" report burned anti-terror operation
A malware campaign discovered by researchers for Kaspersky Lab this month was in fact a US military operation, according to a report by CyberScoop's Chris Bing and Patrick Howell O'Neill. Unnamed US intelligence officials told CyberScoop that Kaspersky's report had exposed a long-running Joint Special Operations Command (JSOC) operation targeting the Islamic State and Al Qaeda.
The malware used in the campaign, according to the officials, was used to target computers in Internet cafés where it was believed individuals associated with the Islamic State and Al Qaeda would communicate with their organizations' leadership. Kaspersky's report showed Slingshot had targeted computers in countries where ISIS, Al Qaeda, and other radical Islamic terrorist groups have a presence or recruit: Afghanistan, Yemen, Iraq, Jordan, Turkey, Libya, Sudan, Somalia, Kenya, Tanzania, and the Democratic Republic of Congo.
The publication of the report, the officials contended, likely caused JSOC to abandon the operation and may have put the lives of soldiers fighting ISIS and Al Qaeda in danger. One former intelligence official told CyberScoop that it was standard operating procedure "to kill it all with fire once you get caught... It happens sometimes and we're accustomed to dealing with it. But it still sucks. I can tell you this didn't help anyone."
This is good malware. You can't expose the good malware!
Related: Kaspersky Claims to have Found NSA's Advanced Malware Trojan
Ties Alleged Between Kaspersky Lab and Russian Intelligence Agencies
Kaspersky Willing to Hand Source Code Over to U.S. Government
Kaspersky Lab has been Working With Russian Intelligence
FBI Reportedly Advising Companies to Ditch Kaspersky Apps
Federal Government, Concerned About Cyberespionage, Bans Use of Kaspersky Labs Products
Kaspersky Lab and Lax Contractor Blamed for Russian Acquisition of NSA Tools
(Score: 2) by Gaaark on Thursday March 22 2018, @06:46PM (3 children)
It's good until it's used against Americans. Then it's bad?
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 5, Insightful) by Snotnose on Thursday March 22 2018, @06:54PM
The problem is the holes they're exploiting exist on all computers/networks, and you can be damned sure it's not just JSOC that knows about them.
What they should do, but I'm not holding my breath, is tell the vendors about these holes so they can fix them. Then again, I haven't been drinking the RA RA 'MURICA! Kool Aid for the past 20 years.
It's just a fact of life that people with brains the size of grapes have mouths the size of watermelons. -- Aunty Acid
(Score: 3, Insightful) by Anonymous Coward on Thursday March 22 2018, @06:54PM (1 child)
No, no, no. That's not it at all. It's good until we get caught and cannot plausibly deny it. Then it's bad that we got caught (but the malware is still good).
(Score: 2, Interesting) by Anonymous Coward on Thursday March 22 2018, @07:07PM
Backdoors found - "bad", and quickly swept under the rug: compare with the brouhaha around Meltdown/Spectre.
The parts providing them - still "good", even if for nothing apparent but more backdoors.