A bombshell report published last week alleged that Kaspersky's antivirus program was used by the hackers working for Russia to hack into the computer of a NSA contractor. The Moscow-based firm is fighting for its survival now as businesses move to remove its products off the shelves.
NSA and its contractor problems came back to life again as the WSJ reported that hackers in 2015 targeted an NSA employee to steal classified materials. The contractor took the classified data home and opened the documents on their personal computer that had Kaspersky AV running. Described as one the most significant security breaches, the hack revealed to the Russian intelligence how the United States "penetrates foreign computer networks, the computer code it uses for such spying, and how it defends networks inside the US."
The data, in short, exposed both how the US protects its own internal networks and its cyberattack strategies, potentially voiding NSA's defensive and offensive capabilities. While the breach yet again shows how the agency continues to fail to protect its classified data, it also brings Kaspersky at the forefront of the increasing cyber-tensions between the US and Russia.
Businesses caught in a geopolitical fight between US and Russia
The AV firm had previously said that it's "caught in the middle of a geopolitical fight where each side is attempting to use the company as a pawn in their political game." However, the Trump administration believes that the stolen data could help Russians defend against US hacks and attack critical systems in the US.
Now, Office Depot and Best Buy are removing Kaspersky Lab products, offering free "uninstall" for customers who had bought the AV products.
A friend found this. Wow. pic.twitter.com/STJcSdzCLb
— Gadi Evron (@gadievron) October 8, 2017
The ban first came into effect last month when the US government put an official ban on the use of Kaspersky products in the military and federal agencies. Earlier in August, the FBI was also reportedly pushing large US tech companies to cut ties with the firm and remove products from their computers.
While it is unclear if the AV firm was in any way colluding with the Russian government as the US government may want everyone to believe, the episode will certainly affect Kaspersky's business in the country. For one, NSA isn't getting as much criticism as it was previously when the data was leaked through its contractors - Kaspersky certainly seems to be a good distraction at the moment for the agency.
However, after Russia booting LinkedIn out of the country and eyeing Facebook next, no one can push the US government to continue supporting a Russian private company even if currently there's no strong evidence of the AV firm working alongside the Russians. On its part, Kaspersky hasn't been responding well to the story as well, calling out the publications for not naming the sources - which never happens in these critical national security stories.
But Eugene Kaspersky did make one good point, "no matter how great security technologies and measures are, the security of millions can be easily compromised by the oldest threat actor there is – a $5 USB stick and a misguided employee."
