The State of Israel performed a huge service for the United States; when Russian government hackers searched computers around the world for the code names of American intelligence programs, Israeli officials managed to hack into the Russian network in 2014 and report the threat to the United States. They gave the National Security Agency (NSA) screenshots and other documentation to prove their claims were true.
Israel discovered the threat when a search tool from Russia’s Kaspersky Lab, used by 400 million people around the world as well as officials at some two dozen American government agencies, including the State Department, the Department of Defense, Department of Energy, Justice Department, Treasury Department and the Army, Navy and Air Force, was busy stealing classified documents from a National Security Agency employee who left them on his home computer.
Israeli officials alerted the United States to the Russian threat, and in August the U.S. government ordered Kaspersky software removed from government computers. On September 13, the Department of Homeland Security (DHS) ordered all federal executive branch agencies to terminate their use of Kaspersky products.
The New York Times explains:
Like most security software, Kaspersky Lab’s products require access to everything stored on a computer in order to scour it for viruses or other dangers. Its popular antivirus software scans for signatures of malicious software, or malware, then removes or neuters it before sending a report back to Kaspersky. That procedure, routine for such software, provided a perfect tool for Russian intelligence to exploit to survey the contents of computers and retrieve whatever they found of interest.
The Wall Street Journal has reported Russian hackers stole classified NSA materials from a contractor using the Kaspersky software.
Kaspersky Lab said it was not involved in hacking, stating, “Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage efforts.”
The NSA does not employ the Kaspersky antivirus, as it knows it can be used to hack into systems. Blake Darché, a former NSA operator, told the Times, “Antivirus is the ultimate back door. It provides consistent, reliable and remote access that can be used for any purpose, from launching a destructive attack to conducting espionage on thousands or even millions of users.”
DHS stated, “The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.”