Kaspersky working with Russian Intelligence

[Digerati]

Kaspersky Lab Has Been Working With Russian Intelligence - Bloomberg
Exclusive: Congress asks U.S. agencies for Kaspersky Lab cyber documents | Reuters

I was wondering when someone would finally start to question what this Moscow Russia based company was up too. I'm am certainly not an expert on Russian oligarchs, but it just seems unlikely (to me) the billionaire CEO of Kaspersky Labs could not be so rich and successful in a communist country like Russia without some ties to even more powerful people in the government.

My real fear is the executives really don't know who (what "agency") all their employees really work for, or what code any "planted" employees may have clandestinely inserted in Kaspersky products or systems. This allows them, knowingly or not, to maintain plausible deniability.

I don't believe normal citizens with their home computers need worry, but I would think twice about using their products on any government, corporate or institutional systems.

Personally, I would not take the chance.

 

[mdonah]

Kaspersky's Russian roots are the reason none of their software will make it onto my computers.

 

[Digerati]

I am certain most of their employees are totally sincere and honest, just trying to put shoes on their kids' feet, a roof over their heads and food on the table. But considering this is all about cyber-security with Russia and Putin being very active antagonists in cyber-"warfare" against the US and NATO member countries, I think it would be foolhardy to ignore the possibility of some hidden agenda with their products.

None will go on my systems either - if I can help it. The problem is, as noted in that Bloomberg link above, Kaspersky has many licensing agreements to embed their software in other products like PoS computers and ATMs. Kaspersky is already moving into IoT devices, maybe home routers too. But this licensed code is often re-branded code. That is, there is no indication it comes from Kaspersky. That's scary considering how widespread the use of their products is. I find it especially concerning today with their code in 10s of 1000s of ATMs - direct ties into our banking systems. Imagine how disruptive it would be if suddenly all those ATMs shutdown, or unauthorized access into the direct-deposit or money transfer systems was achieved. :eek4:

I note this 2015 NY Times article reports how Kaspersky Labs "blew the whistle" on alleged US cyber-spying and how Kaspersky founder, Eugene Kaspersky "studied cryptography at a high school co-sponsored by the K.G.B. and once worked for the Russian military". I am flabbergasted their code was allowed on any US government systems in the first place.

To be sure, it is not the company itself I don't trust. It is their communist Russia government overseers. I have similar concerns with Lenovo and its communist China government overseers. I just do not believe either company has autonomous control over their products and services.

Am I being paranoid? Maybe but I don't think so. Having spent nearly 35 years supporting secure communications systems for the DoD and State Dept here and abroad, I believe I have a little insight to justify my concerns. In this global climate and with this topic, being paranoid is better than ignoring it - even as a simple home user. I am worried.

 

[Digerati]

More news:

FBI urging business and government agencies to cut ties with Kaspersky

White House cybersecurity coordinator warns against using Kaspersky Lab software

 

[mdonah]

I saw the CBS News broadcast about it. Maybe you should post at the "other" forum as well since the downloads site still offers Kaspersky products.

 

[Digerati]

I visit many sites every day so not sure what "other" forum you are referring to.

 

[mdonah]

I visit many sites every day so not sure what "other" forum you are referring to.

MajorGeeks. They're still offering Kaspersky products on the MG's download page.

 

[Digerati]

More evidence builds against Kaspersky. What is Kaspersky's role in NSA data theft? Here are three likely outcomes | ZDNet

As for MajorGeeks, I contacted one of the Admins who said they would discuss it. But sadly, nothing has been done as they still host the downloads and several admin and other staff still endorse their products. I can only conclude they don't really care about the security of their readers.

 

[Node]

I think we should look at a more generalized point, of course they're probably helping the Russian government... just like Facebook, Apple, Microsoft and other US-based companies assist the US government.

What really happened: Some US gov. employee had forgot work 'files' are for work only and that malware protection will attempt to catch any malware present on the system, including gov. sponsored malware.

 

[Digerati]

I think we should look at a more generalized point, of course they're probably helping the Russian government... just like Facebook, Apple, Microsoft and other US-based companies assist the US government.

No! It is not at all the same thing! Please exercise due diligence and do your homework first to learn the facts before making such false claims.

Facebook, Apple and Microsoft do NOT plant malicious code on our computers. They do not allow our government to then use such malicious code to steal our documents. And they don't publish those documents for everyone to see.

Learn the difference between privacy and security. Microsoft is NOT trying to learn our real identities, steal our documents or passwords, or hack into our accounts.

What really happened: Some US gov. employee had forgot work 'files' are for work only and that malware protection will attempt to catch any malware present on the system, including gov. sponsored malware.

This is what I am talking about. That is NOT how it happened. And it is clear you don't understand how malware protection is supposed to work.

Yes, an employee took classified documents home. But it was not malware. But even if it was malware, the malware protection is NOT supposed to send it to government spy agencies or distribute it to news agencies.

 

[Node]

I think we should look at a more generalized point, of course they're probably helping the Russian government... just like Facebook, Apple, Microsoft and other US-based companies assist the US government.

No! It is not at all the same thing! Please exercise due diligence and do your homework first to learn the facts before making such false claims.

Facebook, Apple and Microsoft do NOT plant malicious code on our computers. They do not allow our government to then use such malicious code to steal our documents. And they don't publish those documents for everyone to see.

Learn the difference between privacy and security. Microsoft is NOT trying to learn our real identities, steal our documents or passwords, or hack into our accounts.

What really happened: Some US gov. employee had forgot work 'files' are for work only and that malware protection will attempt to catch any malware present on the system, including gov. sponsored malware.

This is what I am talking about. That is NOT how it happened. And it is clear you don't understand how malware protection is supposed to work.

Yes, an employee took classified documents home. But it was not malware. But even if it was malware, the malware protection is NOT supposed to send it to government spy agencies or distribute it to news agencies.

Kaspersky doesn't plant malicious code, steal documents, or anything of the sort either? Also I may not understand fully how all of the technologies and features of security software is presented to us but I can tell you it can intercept SSL connections (in order to find malicious points or verify end-points), upload docs to the cloud for scanning, and other things in which is a viable thing to look at here.

I'd strongly suggest doing your homework and avoid sources like the WSJ. Look within the information security community. :)

Edit: Now that I thought about it, post links to the 'resources' which prove Kaspersky to do all of the bad things you said.

 

[Digerati]

FTR, I have done my homework, in great depth. They did plant malicious code and they did steal files - and that is totally different than uploading suspected malicious code to the cloud for analysis. Facebook, Apple, Microsoft, Avira, AVG, Norton and others do NOT send user files to foreign governments or the news media.

To suggest the WSJ, a news agency dedicated to reporting news on finance and business, is not a reliable source is not understanding the industry. But I did not cite just one source, nor did I expect my word to be taken as fact just because I said it. So I have been citing multiple sources. In fact, I did not even directly cite the WSJ. I did cite ZDNET which cited the WSJ and the Washington Post. I also cited Bloomberg and Reuters, Cyberscope, NYTimes and CBSNews. And the FBI and Congress have all reported concerns over Kaspersky products.

So they all are reporting "Fake news" because Node says otherwise? No. Just because someone does not like what the news media says, that does not make it "fake news".

For the record, I never said or implied Kaspersky did not make good products. Like Lenovo, they do make good stuff. That's part of the problem. Because they do make good products, they have become very popular and therefore, affect many users. The problem is the integrity and agenda of the companies, not the quality of their products. And both companies have shown consumers they cannot be trusted.

Now a simple Google search provides plenty of corroborating evidence, Node. From the BBC, NPR, ABC, The Register, Forbes, and more. Surely they are not all just parrots? You have cited none.

There is no reason to keep this thread open further. If significant news comes forward (one way or the other) it can be re-opened for further discussion.

 

[tom982]

They did plant malicious code and they did steal files - and that is totally different than uploading suspected malicious code to the cloud for analysis.

Have you got a link to corroborating this? I can't find anything to back this and while your links here confirm Kaspersky's involvement, they only speculate on how deep that involvement was.

 

[Digerati]

By malicious code, I mean code within the Kaspersky antivirus program itself. As reported by the Washington Post in that ZDNet article,

...a bombshell story in The Wall Street Journal revealed hackers working for the Russian government had obtained classified NSA data.

At the heart of the story is a claim that hackers in 2015 targeted an NSA employee, who worked for the agency's elite hacking tools development unit (confirmed from additional reporting by The Washington Post), and who took classified materials home and opened on their home computer that was running a Kaspersky antivirus. The report said that the Russian hackers targeted the employee after they identified the NSA files through the antivirus software.

How did the Russian government backed hackers identify the files as NSA files if the Kaspersky software did not send data about those files back to them?

Okay, were Kaspersky and the Russian government caught red-handed with their hands in the cookie jar? No. The Russians are not stupid. In fact, they are extremely clever, if not some of the best in the world, at covering their tracks.

But you don't need eyewitnesses or even a dead body with the killer's DNA all over it to convict the killer of the murder. "Beyond a shadow of doubt" can be established with enough circumstantial evidence - and there is plenty of that. Contrary to what some may want us to believe, the NY Times, Washington Post, Reuters, Bloomberg and others did not all decide to create fake news. They all independently uncovered and reported suspicious behavior and connections to Russian intelligence agencies and more.

Set aside for a minute all the compelling evidence. Other facts are indisputable.

• Kaspersky Labs is a Moscow based company.
• Russia is known to conduct cyber-warfare on democratic societies and the US in particular.
• The CEO, a Russian oligarch has ties to several corrupt Russian leaders and other oligarchs.
• Russian law requires all Russian based companies to make available to Russian intelligence agencies, any data sent through or stored in Russia (Source: Electronic Frontier Foundation)
• Multiple US government departments and agencies have banned, or are considering banning their products - considering the Trump Administration's friendly relationship with Putin and constant denials of Russian meddling, the actions of these departments should be taken seriously.

Then there's

• Russia invades Ukraine.
• Russia invades Crimea.
• Russian aircraft repeatedly buzz US warships

Why reward a company that is working with a government (regardless if by choice or not) that has made it clear they want to destroy the Free World?

Should we be involved in global politics? No! But Kaspersky has forced us into it by invading our homes and personal lives with their consumer software that was sold to us under false pretenses?

This is a no-brainer for me. Unlike Lenovo where no Chinese government connection has been established, we know the Russian government does have ties to Kaspersky.

 

[Digerati]

And today there is even more news.

From The Hill, 10/12/2017, Intrigue grows with new Kaspersky revelations.

The Wall Street Journal reported last week that Russian government hackers stole classified information on National Security Agency (NSA) methods from a contractor’s computer in 2015 by exploiting Kaspersky antivirus software.

On Tuesday, The New York Times reported that Israeli intelligence officers alerted the U.S. that Russian agents were broadly utilizing Kaspersky software to search for American secrets.

It is unclear whether the company had knowledge of the incidents, which Kaspersky has denied any involvement in.

The last comment is disturbing either way you look at it. If the company was not involved, as they claim, and their software was modified by Russian spy agencies, how did they not know? What other modifications were made, and by whom? How can their products be trusted if the company that developed them does not even know what's in them? And if the company was involved, well then, their products can't be trusted.

ARS Technica, on the other hand, reported 10/11/2017, Kaspersky reportedly modified its AV to help Russia steal NSA secrets.

Normally, the programs scan computer files for malware. "But in an adjustment to its normal operations that the officials say could only have been made with the company's knowledge, the program searched for terms as broad as 'top secret,'

Is it likely all these [typically competing!] news agencies, US and Israeli government organizations are really colluding and conspiring in a plot to create misinformation designed discredit Kaspersky Labs and Russia?

 

[tom982]

The last comment is disturbing either way you look at it. If the company was not involved, as they claim, and their software was modified by Russian spy agencies, how did they not know? What other modifications were made, and by whom? How can their products be trusted if the company that developed them does not even know what's in them? And if the company was involved, well then, their products can't be trusted.

I agree it's disturbing, but Piriform (and potentially, Avast by association) suffered the same fate and many still happily use their products - including me and I'm sure many others here.

Remember, a few months back Kaspersky offered the US Government to see their source code: Kaspersky Gives the Government Its Code | WIRED

A bit of a strange offer if they were aware of these modifications.

 

[Digerati]

I agree it's disturbing, but Piriform (and potentially, Avast by association) suffered the same fate

Same fate??? So you feel hacks by hackers is the same thing as hacks by the Russian communist government?

The CCleaner hack affected about 2 million users and the malware was used to steal user information for criminal financial gains. The Kaspersky hack could potentially affect 400 million users and is used to search for and steal classified corporate and government information, send it to a hostile government spy agency for cyber-warfare and espionage. And that's the same thing?

Plus I note Piriform immediately took responsibility and released an update to fix the hack. The Kaspersky software is still under the control of Russian laws - which do not favor the consumer.

 

[tom982]

Of course I'm not comparing the hackers, I think it's quite obvious I was talking about the bit I quoted. All of your points here apply to the Piriform hack:

how did they not know? What other modifications were made, and by whom? How can their products be trusted if the company that developed them does not even know what's in them?

 

[Digerati]

Well, I never excused Piriform for allowing the hack to happen. That was certainly a bad thing too. But the scale of impact, the type of data affected, and the players behind the hack, IMO, don't even compare.