According to a story published by the New York Times on October 10, Israeli government hackers apparently hacked into Kaspersky’s network in 2015 and caught Russians trying to hack the US government.
This follows up a previous story by published the Wall Street Journal on October 5, claiming that Kaspersky, a Russian antivirus provider, left a backdoor in its software, which the Russian government hackers used to steal highly classified NSA documents and hacking tools in 2015.
Having quoted multiple anonymous sources from US intelligence community, the Wall Street Journal article failed to provide any substantial evidence to prove if Kaspersky was intentionally involved with the Russian spies or some hackers simply exploited any zero-day vulnerability in the Antivirus product. That is, if the incident even really happened at all.
The New York Times story, quoting an anonymous source from Israeli Intelligence Agency, seems to be an another attempt to push this narrative.
“The role of Israeli intelligence in uncovering [the Kaspersky Labs] breach and the Russian hackers’ use of Kaspersky software in the broader search for American secrets have not previously been disclosed,” the New York Times reported.
According to the published story, US officials began an immediate investigation in 2015 after Israel officials notified the National Security Agency (NSA) about the possible breach.
In mid-2015, Moscow-based Kaspersky Lab detected a sophisticated cyber-espionage backdoor within its corporate network and released a detailed report about the intrusion, although the company did not blame Israel for the attack.
At the time, Kaspersky said that some of the attack code the company detected shared digital fingerprints with the infamous Stuxnet worm, the malware which was developed by America and Israel to sabotage Iran’s nuclear program in 2010.
This suspicion of malicious Kaspersky’s behaviour eventually led the US Department of Homeland Security (DHS) to ban and remove Kaspersky antivirus software from all of its government computers. This was followed by the US National Intelligence Council sharing a classified report concluding that the Russian FSB intelligence agency had access to Kaspersky’s databases as well as the source code.
However, Kaspersky Lab has always denied any knowledge of, or involvement in, any cyber espionage operations. “Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage efforts,” Kaspersky’s founder Eugene Kaspersky said in a statement.