General Discussion

jpak

(41,757 posts) Tue Oct 10, 2017, 10:05 PM Oct 2017

Israel hacked Kaspersky, then tipped the NSA that its tools had been breached

https://www.washingtonpost.com/world/national-security/israel-hacked-kaspersky-then-tipped-the-nsa-that-its-tools-had-been-breached/2017/10/10/d48ce774-aa95-11e7-850e-2bdd1236be5d_story.html?utm_term=.3a8e702200c6

In 2015, Israeli government hackers saw something suspicious in the computers of a Moscow-based cybersecurity firm: hacking tools that could only have come from the National Security Agency.

Israel notified the NSA, where alarmed officials immediately began a hunt for the breach, according to people familiar with the matter, who said an investigation by the agency revealed that the tools were in the possession of the Russian government.

Israeli spies had found the hacking material on the network of Kaspersky Lab, the global anti-virus firm under a spotlight in the United States because of suspicions that its products facilitate Russian espionage.

Last month, the Department of Homeland Security instructed federal civilian agencies to identify Kaspersky Lab software on their networks and remove it on the grounds that “the risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.” The directive followed a decision by the General Services Administration to remove Kaspersky from its list of approved vendors. And lawmakers on Capitol Hill are considering a governmentwide ban.

<more>

11 replies

= new reply since forum marked as read

Highlight:

Israel hacked Kaspersky, then tipped the NSA that its tools had been breached (Original Post) jpak Oct 2017 OP

Israel knows of our NSA hacking tools? From the article... Purveyor Oct 2017 #1

So the Israeli spies are prowling around inside Kaspersky unc70 Oct 2017 #2

The NSA evidently had shared the tools with Israel. Beakybird Oct 2017 #3

"evidently" my ass... nt Purveyor Oct 2017 #4

Not when it comes to espionage. Xolodno Oct 2017 #5

The NSA paid RSA $10 million to make Dual_EC_DRBG default. joshcryer Oct 2017 #8

I agree unc70 Oct 2017 #9

I credit the Israeli's in this context. joshcryer Oct 2017 #10

With regards to Israel leanforward Oct 2017 #6

Why are our government agencies buying software from Russia? nt Blue_true Oct 2017 #7

The Outrage is hillarious indeed! floppyboo Oct 2017 #11

Purveyor

(29,876 posts)

1. Israel knows of our NSA hacking tools? From the article...

Reply to jpak (Original post)

Tue Oct 10, 2017, 10:11 PM

Oct 2017

"hacking tools that could only have come from the National Security Agency"

Interesting, indeed.

unc70

(6,113 posts)

2. So the Israeli spies are prowling around inside Kaspersky

Reply to jpak (Original post)

Tue Oct 10, 2017, 10:16 PM

Oct 2017

Last edited Tue Oct 10, 2017, 11:48 PM - Edit history (1)

And they just happen to notice files that they, the Israelis, recognize as being from the NSA. Let that sink in. Are there any good guys in all this?

Beakybird

(3,333 posts)

3. The NSA evidently had shared the tools with Israel.

Reply to unc70 (Reply #2)

Tue Oct 10, 2017, 10:25 PM

Oct 2017

Purveyor

(29,876 posts)

4. "evidently" my ass... nt

Reply to Beakybird (Reply #3)

Tue Oct 10, 2017, 10:28 PM

Oct 2017

Xolodno

(6,390 posts)

5. Not when it comes to espionage.

Reply to unc70 (Reply #2)

Tue Oct 10, 2017, 10:30 PM

Oct 2017

Remember, Israel had a spy in the US Government to steal secrets.

joshcryer

(62,270 posts)

8. The NSA paid RSA $10 million to make Dual_EC_DRBG default.

Reply to unc70 (Reply #2)

Tue Oct 10, 2017, 11:17 PM

Oct 2017

Then OpenSSL and the rest of the crypto community decided to not implement Dual_EC_DRBG because it lacked robust analysis and had serious flaws (one key being that the hash function used preset variables that could in theory be used as a private key to decrypt a hash).

OpenSSL notably decided not to implement Dual_EC_DRBG for this reason: https://archive.is/RwwXu

But, in a twist of patheticness, OpenSSL was compromised by Heartbleed. A vulnerability that the NSA, NIST, and CIA should have protected the American people from, yet every indication is that the NSA actually used Heartbleed in its FaceBook chat exploit.

Who's the enemy here?

US intel doesn't give two fucks about the American public or American security. They fell into their own kind of apathetic nature due to the power that they wield.

unc70

(6,113 posts)

9. I agree

Reply to joshcryer (Reply #8)

Tue Oct 10, 2017, 11:52 PM

Oct 2017

RSA and it’s various related companies have always been part and parcel with US and Israeli black ops.

joshcryer

(62,270 posts)

10. I credit the Israeli's in this context.

Reply to unc70 (Reply #9)

Wed Oct 11, 2017, 12:02 AM

Oct 2017

And I credit those who found the Heartbleed exploit, because every indication is that the NSA was using it against the US public.

leanforward

(1,076 posts)

6. With regards to Israel

Reply to jpak (Original post)

Tue Oct 10, 2017, 11:09 PM

Oct 2017

Thank you.

Blue_true

(31,261 posts)

7. Why are our government agencies buying software from Russia? nt

Reply to jpak (Original post)

Tue Oct 10, 2017, 11:13 PM

Oct 2017

floppyboo

(2,461 posts)

11. The Outrage is hillarious indeed!

Reply to jpak (Original post)

Wed Oct 11, 2017, 12:03 AM

Oct 2017

Headline Breaking News:
US finds out their spyware sucks and the security that didn't catch the other guy doing the exact same thing - since 1946.
Blames hackers for out hacking them.

Uh, I just don't get the outrage

Reply to this discussion