The Wall Street Journal and The Washington Post wrote about the participation of Kaspersky Laboratory in stealing data of the US National Security Agency (NSA) and transmitting it to Russian secret services. Whom shall we believe?
Wall Street Journal and The Washington Post report that in 2015 an important data were downloaded from the personal computer of an American intelligence officer. The data contained the technology of hacking networks and secret software used by NSA. The officer used anti-virus from Kaspersky Laboratory.
Later on the newspapers clarified that the files belonging to NSA were discovered by Israeli hackers in 2015 while the network of Kaspersky Laboratory was hacked.
Using the data stolen Russian secret services could not only protect themselves from NSA penetration but also use instruments for their attacks.
«Kaspersky» responds to the blow
The company considers the accusations to be not substantiated and stresses that all the messages are based on anonymous sources. The official position of the company does not change: Kaspersky Laboratory cooperates with the state only within the framework of laws, providing security and struggle against extremism and does not spy its users.
Indeed, there is no direct evidence of the company's involvement in the incident. Data could be obtained behind the back of the company, for instance through vulnerabilities of anti-virus.
Kaspersky Laboratory started a massive internal investigation after the publications.
The report published states in 2015 and in the subsequent years no precedents were recorded equal to the precedents described by american magazines. The most similar case was reposted in 2014.
At that time Kaspersky Laboratory was investigating attacks one of the most powerful hacker groups Equation Group that might be connected to NSA. On one of the computers attacked by Equation in USA was installed a cloud solution from Kaspersky Laboratory. And files that are dangerous were automatically sent to company servers for an analysis.
The report states that Kaspersky Laboratory does not implement special algorithms for detecting classified information in its products.
The company is continuing the investigation and is planning to provide with the full technical information for peer review.
It is possible the situation will be further developed because both of the sides received serious reputational blows. Now the products of the Kaspersky Laboratory are installed on the millions of the computers around the world so the company may incur large financial losses. It’s worth noticing that such organisations like Interpol and German National Center of Cybersecurity continue to cooperate with Kaspersky Laboratory.