Sometimes cybersecurity news is just plain bizarre. Take the Kaspersky Labs controversy. The story is part spy thriller, part international intrigue.
Below, CyberPolicy examines the headline-grabbing tale and tells you what you need to know. And don't forget to visit our homepage to receive free cybersecurity insurance quotes for your small business.
Whose Fault Is It Anyway?
If you like your stories tied up with a neat little bow, then this is not the article for you. One of the first things you'll realize about this story is that no one agrees on the facts. So, brace yourself for a bumpy ride.
Sometime in 2014 or 2015, the National Security Agency (NSA) suffered a serious data breach (the exact date is disputed). The Wall Street Journal reports the Russian government stole details on how the U.S. government penetrates foreign computers and defends against cyberattacks. How did this information get out?
WSJ claims that hackers targeted an NSA contractor who took his work home with him, so to speak. His work, apparently, included a “top secret” hacking tool used by the agency. Per this version of the story, the contractor's antivirus software (produced by Moscow-based Kaspersky Lab) swiped the hacking tool from his computer. This may have been done at the behest of the Russian government.
As you know, American and Russian relations have been tenuous as of late. U.S. intelligence agencies determined that the Russian government hacked the 2016 presidential election using fake news, troll farms, and data theft.
The mistrust of Russia is so severe that the U.S. banned Kaspersky Lab software from government networks in September.
Of course, the story sounds a little different coming from Kaspersky Lab. According to the Moscow-based company, the antivirus program stumbled on the code by mere happenstance.
“[The] logs showed that the consumer version of Kaspersky's popular product had been analyzing questionable software from a U.S. computer and found a zip file that was flagged as malicious," writes the New York Post. “While reviewing the file's contents, an analyst discovered it contained the source code for a hacking tool… The analyst reported the matter to chief executive Eugene Kaspersky, who ordered that the company's copy of the code be destroyed.”
Kaspersky Lab claims that no third parties saw the code, nor did they share it with anyone else. So, what really happened here? Did the Russian government use Kaspersky Lab as an attack vector? Did the antivirus software only do what it was meant to do? If so, then Kaspersky Lab handled the incident respectably.
Then again, there is actually a third option floating around. Chief executive Eugene Kaspersky once implied that his company's systems may have been hacked by the Russian government. He later walked back those claims.
We may never know exactly what happened. These are intelligence agency matters, after all. Their power lies in secrecy. And a secret shared is power halved.
Still, there are lessons private businesses can glean from these events. First, it is never a good idea to handle sensitive corporate data from a personal computer. It is much safer on a protected company network.
Second, the contractor appears to have downloaded malware through a pirated version of Microsoft Office. This may have driven him to download the antivirus software in the first place. Who knew events would spiral out of control like this? The takeaway: avoid pirating software.
Finally, be careful who you trust. Kaspersky Lab is a well-known consumer antivirus software. And the company is making an effort to restore its reputation through a “global transparency initiative.” Whether Kaspersky Lab is responsible is up for debate. What isn't, is the need to work with trusted partners.
Looking for a cybersecurity insurance provider you can trust? Visit CyberPolicy for your free quotes today.
