Israeli intelligence officials spying on Russian government hackers found they were using Kaspersky Lab antivirus software that is also used by 400 million people globally, including U.S. government agencies, according to media reports on Tuesday.
- Anti-Israel hackers spreading new form of malware with anti-Israel messages
- Security experts discover sophisticated cyberespionage campaign active since 2011
- Kaspersky says Iran talks spyware masqueraded under Foxconn name
The Israeli officials who had hacked into Kaspersky's network over two years ago then warned their U.S. counterparts of the Russian intrusion, said The New York Times, which first reported the story.
That led to a decision in Washington only last month to order Kaspersky software removed from government computers.
The Washington Post also reported on Tuesday that the Israeli spies had also found in Kaspersky's network hacking tools that could only have come from the U.S. National Security Agency.
After an investigation, the NSA found that those tools were in possession of the Russian government, the Post said.
And late last month, the U.S. National Intelligence Council completed a classified report that it shared with NATO allies concluding that Russia's FSB intelligence service had "probable access" to Kaspersky customer databases and source code, the Post reported.
That access, it concluded, could help enable cyber attacks against U.S. government, commercial and industrial control networks, the Post reported.
The New York Times said the Russian operation, according to multiple people briefed on the matter, is known to have stolen classified documents from a National Security Agency employee who had improperly stored them on his home computer, which had Kaspersky antivirus software installed on it.
It is not yet publicly known what other U.S. secrets the Russian hackers may have discovered by turning the Kaspersky software into a sort of Google search for sensitive information, the Times said.
The current and former government officials who described the episode spoke about it on condition of anonymity because of classification rules, the Times said.
The newspaper said the National Security Agency and the White House declined to comment, as did the Israeli Embassy, while the Russian Embassy did not respond to requests for comment.
The Russian embassy in Washington last month called the ban on Kaspersky Lab software "regrettable" and said it delayed the prospects of restoring bilateral ties.
Kaspersky Lab denied to the Times any knowledge of, or involvement in, the Russian hacking. "Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage efforts," the company said in a statement on Tuesday.
Eugene Kaspersky, the company's co-founder and chief executive, has repeatedly denied charges his company conducts espionage on behalf of the Russian government.
Kaspersky spokeswoman Sarah Kitsos told the Washington Post on Tuesday that "as a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight." She said the company "does not possess any knowledge" of Israel's hack, the Post said.
U.S. intelligence agencies have concluded that Russian President Vladimir Putin ordered a multipronged digital influence operation last year in an attempt to help Donald Trump win the White House, a charge Moscow denies.