“In 2015, Israeli government hackers noticed something suspicious on the computers of a Moscow cybersecurity company: hacking tools that could only have emerged from the National Security Agency (NSA),” writes The Washington Post.
Israel warned the NSA that alarmed agency officials immediately began hunting down the burglars, and according to sources familiar with them, their investigation showed that the tools were taken over by the Russian government.
“Israeli spies have discovered hacking materials on the network of Kaspersky Lab, a global antivirus company that has come to the fore in the US over suspicions that its products are conducive to Russian espionage,” writes author Ellen Nakashima.
Kaspersky said that “as a private company, Kaspersky Lab has no inappropriate ties to any government, including the Russian one, and the only conclusion seems to be that Kaspersky Lab has become embroiled in a geopolitical struggle.”
“In the field of cybersecurity, concerns have also emerged about Kaspersky: some officials said that the company’s software was used not only to protect clients’ computers, but also as a platform for espionage,” the article says.
Over the past few years, the company has periodically used a standard method that detects computer viruses, but is also applicable to find information and data not related to malware, according to two industry officials who spoke on condition of anonymity.
This method is called “signature detection method in silent mode”: lines of digital code are hidden when a virus is detected, but they can also be designed to search computers for potentially classified documents using keywords and abbreviations, explains the author of the article.
“Silent detection is a widespread practice in the cybersecurity industry used to confirm malware detection and minimize false positives,” Kaspersky said in a statement. “This allows antivirus developers to offer the most advanced protection without disturbing users with constant on-screen alerts.”
Andrei Soldatov, a Russian intelligence expert and author of The Red Network, says: “I would be very skeptical about the statement that the government cannot access the company’s data.” As a company dealing with encrypted information, Kaspersky must obtain a license from the FSB, Soldatov pointed out, “which means the company is completely open to the eyes” of the FSB.
The company is most likely accountable to the Kremlin, according to Stephen Hall, who led CIA operations in Russia for 30 years. The sphere of activity of “Kaspersky” is of particular interest to Russian President Vladimir Putin, he said, and, having an excellent idea of how everything works in Russia, Evgeny Kaspersky “knows that he is in Putin’s power.”