Russian hackers stole U.S. cyber secrets from NSA: WSJ report

The theft included information on penetrating foreign computer networks and protecting against cyber attacks

 Russian government-backed hackers stole highly classified U.S. cyber secrets in 2015 from the National Security Agency after a contractor put information on his home computer, the Wall Street Journal reported on Thursday, citing unnamed sources.

The theft included information on penetrating foreign computer networks and protecting against cyber attacks and is likely to be viewed as one of the most significant security breaches to date, the newspaper reported.

The NSA declined to comment, citing agency policy "never to comment on our affiliates or personnel issues." Reuters was not able to independently verify the report.

If confirmed, the hack would mark the latest in a series of breaches of classified data from the secretive intelligence agency, including the 2013 leaks of data on classified U.S. surveillance programs by contractor Edward Snowden.

Republican U.S. Senator Ben Sasse, a member of the Senate Armed Services Committee, said in a statement that, if true, the details in the report were alarming.

"The NSA needs to get its head out of the sand and solve its contractor problem," Sasse said. "Russia is a clear adversary in cyberspace and we can’t afford these self-inflicted injuries.”

The report could ratchet up tension over U.S. claims of a surge in hacking of American targets by Russians, including the targeting of state election agencies and the hacking of Democratic Party computers in a bid to sway the outcome of the 2016 presidential election in favor of Republican Donald Trump.

The newspaper also reported that the contractor used antivirus software from Moscow-based Kaspersky Lab, saying that the Russian hackers may have used that program to identify and target the contractor's files, citing multiple unnamed sources.

Kaspersky's products were banned from U.S. government networks last month due to suspicions they help the Kremlin conduct espionage.

The firm, which has strongly denied those allegations, issued a statement on Thursday saying it found itself caught in the middle of a geopolitical fight.

"Kaspersky Lab has not been provided any evidence substantiating the company’s involvement in the alleged incident reported by the Wall Street Journal," it said. "It is unfortunate that news coverage of unproven claims continue to perpetuate accusations about the company."

“As a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight,” the company said.

“We make no apologies for being aggressive in the battle against malware and cybercriminals. The company actively detects and mitigates malware infections, regardless of the source, and we have been proudly doing so for 20 years, which has led to continuous top ratings in independent malware detection tests.

“It’s also important to note that Kaspersky Lab products adhere to the cybersecurity industry’s strict standards and have similar levels of access and privileges to the systems they protect as any other popular security vendor in the U.S. and around the world.”

The Department of Homeland Security on Sept. 13 banned Kaspersky products in federal networks, and the U.S. Senate approved a bill to ban them from use by the federal government, citing concerns the company may be a pawn of the Kremlin and poses a national security risk.

James Lewis, a cyber expert with the Washington-based Center for Strategic and International Studies think tank, said the report of the breach sounded credible, though he did not have firsthand information on what had transpired.

"The baffling parts are that he was able to get stuff out of the building and that he was using Kaspersky, despite where he worked," Lewis said. He added that intelligence agencies have considered Kaspersky products to be a source of risk for years.

Democratic Senator Jeanne Shaheen, who led calls in Congress to purge Kaspersky Lab products from government networks, on Thursday called on the Trump administration to declassify information about threats posed by Kaspersky Lab.

"It's a disservice to the public and our national security to continue withholding this information," she said in a statement.

(Reporting by Dustin Volz and Joseph Menn; Additional reporing by Warren Strobel and John Walcott; writing by Doina Chiacu; Editing by Cynthia Osterman, Jim Finkle and Jonathan Oatis)

Join the newsletter!

Error: Please check your email address.

Tags securitycyber security

More about Armed Services CommitteeKasperskyNational Security AgencyNSAWall Street

Show Comments

Market Place