Kaspersky: Yes, we obtained NSA secrets. No, we didn’t help steal them

Capturar

By DAN GOODIN

For almost two months in 2014, servers belonging to Moscow-based Kaspersky Lab received confidential National Security Agency materials from a poorly secured computer located in the United States that stored the files, most likely in violation of US laws, company officials said.

The classified source code, documents, and executable binaries were stored on a computer that used an IP address reserved for Verizon FIOS customers in Baltimore, about 20 miles from the NSA’s Fort Meade, Maryland, headquarters, Kaspersky Lab said in an investigation report it published early Thursday morning. Starting on September 11, 2014 and running until November 9 of that year, Kaspersky Lab servers downloaded the confidential files multiple times after the company’s antivirus software, which was installed on the machine, found they contained malicious code from Equation Group, an NSA-linked hacking group that operated for at least 14 years before Kaspersky exposed it in 2015.

The downloads—which, like other AV software, the Kaspersky program automatically initiated when it encountered suspicious software that warranted further inspection—included a 45MB 7-Zip archive that contained source code, malicious executables, and four documents bearing US government classification markings. A company analyst who manually reviewed the archive quickly determined it contained confidential material. Within a few days and at the direction of CEO and founder Eugene Kaspersky, the company deleted all materials except for the malicious binaries. The company then created a special software tweak to prevent the 7-Zip file from being downloaded again.

“The reason we deleted those files and will delete similar ones in the future is two-fold,” Kaspersky Lab officials wrote in Thursday’s report. “We don’t need anything other than malware binaries to improve protection of our customers and secondly, because of concerns regarding the handling of potential classified materials. Assuming that the markings were real, such information cannot and will not [be] consumed even to produce detection signatures based on descriptions.”

MORE: https://arstechnica.com/information-technology/2017/11/kaspersky-yes-we-obtained-nsa-secrets-no-we-didnt-help-steal-them/

Mais do que uma solução tecnológica, somos uma decisão estratégica para as organizações.

Nossa missão é redefinir a relação das empresas com a cibersegurança e a experiência dos usuários no processo de autenticação e acesso a ativos tecnológicos.