Russia Used Security Software To Steal NSA Tactics — Here's What You Need To Know
ALL YOUR INFORMATIONS ARE BELONG TO US
·Updated:
·

The Wall Street Journal reports that Russian government hackers stole critical cyberattack and security data from an NSA contractor who moved the classified information to his home computer. Here's what you need to know.

Hackers Stole Information About US Cyber Warfare Tactics

Hackers stole information detailing multiple US cybersecurity capabilities, including US cyber attack tactics, the code used for such attacks and how the US defends its own networks.

The US has been known to use cyber attacks to surveil or sabotage other countries, including Iran and China. In 2010, the US destroyed Iranian centrifuges with a cyber attack. In 2013, Edward Snowden revealed that the US had hacked a mobile phone company to collect text messages.

The Hackers Targeted The Contractor Through Their Use Of Russian Security Software

The hackers appear to have targeted the contractor after identifying the files through the contractor's use of a popular antivirus software made by Russia-based Kaspersky Lab, these people said.

[The Wall Street Journal]

The hack occurred in 2015 but was only discovered this spring. 

Kaspersky Software Was Banned By The Government Earlier This Year

Kaspersky security software was banned for government use earlier this year after the government said it posed a security risk. The revelation that the software was used by hackers to gain access to classified US information before the directive indicates that the attack was most likely the motivation for the policy change. In a statement made in September, the Department of Homeland Security (DHS) explained why Kaspersky posed a threat to the US:

The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks. The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.

[Department Of Homeland Security]

At the time, Kaspersky claimed it was being treated unfairly. Months before the directive, the General Services Administration removed Kaspersky from a list of approved vendors, and Best Buy stopped selling Kaspersky software.

Cyber Attacks This Spring Stemmed From NSA Software

In the spring of 2017, two separate cyber attacks used NSA software against Britain and Ukraine. The attacks hit hospitals, a nuclear plan and a pharmaceutical company. The government blamed North Korea and Russia.

Two weeks ago, the United States — through the Department of Homeland Security — said it had evidence North Korea was responsible for a wave of attacks in May using ransomware called WannaCry that shut down hospitals, rail traffic and production lines. The attacks on Tuesday against targets in Ukraine, which spread worldwide, appeared more likely to be the work of Russian hackers, though no culprit has been formally identified. 

[The New York Times]

 It's unclear if the attacks and the spring hack of the NSA are connected.

Russia Has Bolstered North Korea's Cyber Infrastructure

Information sharing between Russia and North Korea isn't out of the question. Russia has been known to work with North Korea, and Sunday, it bolstered North Korea's cyber infrastructure by routing its data through TransTeleCom. The move adds an additional internet path to the country, strengthening its network, which has been under the stress of US cyberattacks. 

The Government Believes That Russia Interfered With The US Election

The NSA hack raises additional questions about its connection to Russia's interference with the US election. Yesterday, the Senate intelligence committee announced that it believed that Russia interfered with the 2016 US election, partially by hacking the DNC and John Podesta's email. The timeline of the NSA hack raises the possibility that information gained from the hack could have influenced Russia's interference in 2016.

A Different NSA Contractor Was Charged For Stealing A Trove Of NSA Data After The Hack

In February, former NSA contractor Harold Martin was charged with 20 crimes for removing over 50 terabytes of data from government premises. The government hasn't accused Martin of using the secrets nefariously, but the NSA hack revealed by the Wall Street Journal shows a government interest in keeping information on government computers. 

<p>Benjamin Goggin is the News Editor at Digg.&nbsp;</p>

Want more stories like this?

Every day we send an email with the top stories from Digg.

Subscribe