General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsIsrael hacked Kaspersky, then tipped the NSA that its tools had been breached
https://www.washingtonpost.com/world/national-security/israel-hacked-kaspersky-then-tipped-the-nsa-that-its-tools-had-been-breached/2017/10/10/d48ce774-aa95-11e7-850e-2bdd1236be5d_story.html?utm_term=.3a8e702200c6In 2015, Israeli government hackers saw something suspicious in the computers of a Moscow-based cybersecurity firm: hacking tools that could only have come from the National Security Agency.
Israel notified the NSA, where alarmed officials immediately began a hunt for the breach, according to people familiar with the matter, who said an investigation by the agency revealed that the tools were in the possession of the Russian government.
Israeli spies had found the hacking material on the network of Kaspersky Lab, the global anti-virus firm under a spotlight in the United States because of suspicions that its products facilitate Russian espionage.
Last month, the Department of Homeland Security instructed federal civilian agencies to identify Kaspersky Lab software on their networks and remove it on the grounds that the risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security. The directive followed a decision by the General Services Administration to remove Kaspersky from its list of approved vendors. And lawmakers on Capitol Hill are considering a governmentwide ban.
<more>
Purveyor
(29,876 posts)"hacking tools that could only have come from the National Security Agency"
Interesting, indeed.
unc70
(6,113 posts)Last edited Tue Oct 10, 2017, 11:48 PM - Edit history (1)
And they just happen to notice files that they, the Israelis, recognize as being from the NSA. Let that sink in. Are there any good guys in all this?
Beakybird
(3,333 posts)Purveyor
(29,876 posts)Xolodno
(6,390 posts)Remember, Israel had a spy in the US Government to steal secrets.
joshcryer
(62,270 posts)Then OpenSSL and the rest of the crypto community decided to not implement Dual_EC_DRBG because it lacked robust analysis and had serious flaws (one key being that the hash function used preset variables that could in theory be used as a private key to decrypt a hash).
OpenSSL notably decided not to implement Dual_EC_DRBG for this reason: https://archive.is/RwwXu
But, in a twist of patheticness, OpenSSL was compromised by Heartbleed. A vulnerability that the NSA, NIST, and CIA should have protected the American people from, yet every indication is that the NSA actually used Heartbleed in its FaceBook chat exploit.
Who's the enemy here?
US intel doesn't give two fucks about the American public or American security. They fell into their own kind of apathetic nature due to the power that they wield.
RSA and its various related companies have always been part and parcel with US and Israeli black ops.
joshcryer
(62,270 posts)And I credit those who found the Heartbleed exploit, because every indication is that the NSA was using it against the US public.
leanforward
(1,076 posts)Thank you.
Blue_true
(31,261 posts)floppyboo
(2,461 posts)Headline Breaking News:
US finds out their spyware sucks and the security that didn't catch the other guy doing the exact same thing - since 1946.
Blames hackers for out hacking them.
Uh, I just don't get the outrage