Spying on spies

Israeli intelligence spies were reportedly successful in hacking the Russian spy network. Israeli intelligence officers were thus able to establish that Russian operatives used Kaspersky software to carry their activities.

According to a report in the New York Times, the Israeli spies were successfully able to breach Russian network two years ago.

Background

Kaspersky is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia. It is operated by a holding company in the United Kingdom. It boasts over 400 million users and the much of its market is in Europe. The company has denied its ties to the Kremlin, however there is concern within America that Kaspersky Lab is connected to Russian intelligence. 

The cybersecurity and anti-virus provider was founded in 1997 by Eugene Kaspersky. He also serves as the CEO. He studied at a KGB cryptography institute and served in the Soviet military and is one of the most powerful businessmen in Moscow.  Additionally, he was a classmate to a number of Russians who later became spies for the nation. He also wrote the software for the Soviet Army before starting the company. 

Kaspersky is one of largest cybersecurity companies in the world. The software isn’t just used by civilians but also by governments across the world. The company grew to more than $700 million in annual revenues by 2014.

The US intelligence in particular has been suspicious of Kaspersky. FBI agents have for years tried to determine whether Kaspersky executives were connected to Russian intelligence agencies. During a Senate hearing held in May 2017, a number of CIA and FBI agents said that they did not trust the Kaspersky software.

The Israeli Intelligence Community is made up of Aman (military intelligence), Mossad (overseas intelligence) and Shin Bet (internal security).

Analysis

In September 2017, the US Department of Homeland Security has ordered all government agencies and departments in the country to stop using Kaspersky software. In addition, the Senate also revealed that it was working on passing a bill that will ban Kaspersky software from being used in government agencies – thus codifying the directive into law. Eugene Kaspersky and the company have repeatedly denied any connections to the KGB or to the Moscow government.

The latest reports have revealed that the US government’s decision to ban Kaspersky was based on information from Israeli intelligence. Israeli intelligence spies reportedly were able to hack into Russian government hackers who were found to be using Kaspersky Lab antivirus software. The Israeli officers were able to breach into the Russian systems nearly two years ago. After hacking into Kaspersky’s network, Israeli officers then alerted the US government. A report in the New York Times has confirmed that the Russian operation was able to steal stolen classified documents from a National Security Agency employee. The employee had improperly stored them on his home computer and he had installed Kaspersky in his system.

All Kaspersky products installed in systems require access to everything stored in the computer. That is how the software is able to identify viruses and malware to remove them automatically. However, this is also how Russian operatives were able to reportedly hack into systems to steal sensitive documents. The White House and the National Security Agency have not publicly commented on the development.

Kaspersky has denied the report. The company said in a statement, “Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage efforts" and added that it “respectfully requests any relevant, verifiable information that would enable the company to begin an investigation at the earliest opportunity.”

Assessment

Our assessment is that anti-virus software act as a back-door for spies to hack into sensitive government systems and access digitized data. The Israeli intelligence network, which is considered to be one of the most effective agencies in the world, was able to breach Russian systems. This further proves the vulnerability of digitized data. As we have stated earlier, we believe that it is the right of every national government to do what it deems appropriate to secure its national assets.