Recently, we have reported several claims (here, here, and here) made by the Russian security software manufacturer Kaspersky Lab that they have discovered 'evidence' of NSA involvement in malware. Now, Bloomberg claims that the Moscow-based computer security company has effectively been taken over by the FSB. Company founder Eugene Kaspersky was educated at a KBG-run school, which was never a secret, but the new report describes a much more current and intimate connection.
Kaspersky Lab is denying the allegations, as one might expect, and counter with the statement:
It's not as though the US has clean hands in all of this. The CIA has funded the development of security software firms like FireEye, Veracode, and Hytrust though its In-Q-Tel investment fund, and American firms have been noticeably silent when it comes to investigating suspected US state-sponsored malware.
We are unlikely to hear the truth from either side, nor should we realistically expect a confession from the NSA or the FSB. Nevertheless, it is possible that the security industries on both sides are 'guilty' of looking after their respective government's interests and what we are seeing is just another day in the world of intelligence collection and cyber-security, the world of claim and counter-claim.
[Editor's Comment: Typo fixed at 15:39 UTC]
(Score: 2) by Kilo110 on Sunday March 22 2015, @06:34PM
We hear a great deal from Kaspersky about NSA/Israel's evil software. Which is appreciated of course.
But we never hear about Chinese/Russian spyware. They're definitely making it and I'm sure a lot of it rivals what the NSA is making. So why doesn't Kaspersky draw attention to those?
(Score: 1) by EETech1 on Sunday March 22 2015, @11:10PM
1. write malware
2. profit!!!
3. write detection program for #1
4. profit!!!!!
5. BTW... #3 is now su(su) wherever installed
6. ??????
(Score: 4, Insightful) by jcross on Monday March 23 2015, @01:23PM
You know I hadn't really considered before how easy it would be for antivirus software to be crooked without anyone noticing. It's expected to contain a bunch of exploit code for detecting viruses. It's expected to repeatedly scan your file system and all downloads. It's expected to phone home regularly for updates. It's expected to run with a high privilege level. It's expected to use a ton of system resources, or at least it was the last time I ran Windows back in 2005 or so. Much like government "security" organizations, we allow all this because it's "keeping us safe" but who knows what these programs are really up to?