In the latest documents leaked by whistleblower Edward Snowden, it seems as though the NSA has hacked into popular security software to track users and hack into networks.
The National Security Agency targeted the likes Kaspersky Labs to try to gain intelligence on the latest security exploits, presumably so that it could use these exploits to its advantage. The NSA worked in conjunction with its British counterpart GCHQ.
"Personal security products such as the Russian antivirus software Kaspersky continue to pose a challenge to GCHQ's CNE [Computer Network Exploitation] capability and SRE is essential in order to be able to exploit such software and to prevent detection of our activities," said a warrant renewal request issued by the GCHQ, detailing why it wanted to infiltrate top security companies.
GCHQ and the NSA attempted to infiltrate Kaspersky Labs through a technique called software reverse engineering, or SRE. The NSA also reportedly closely studied Kaspersky Labs' software to try and find weaknesses. It also was able to obtain sensitive information related to customers through the monitoring of Kaspersky Labs' servers.
"It is extremely worrying that government organizations would be targeting us instead of focusing resources against legitimate adversaries, and working to subvert security software that is designed to keep us all safe," said Kaspersky Labs in a statement. "However, this doesn't come as a surprise. We have worked hard to protect our end users from all types of adversaries. This includes both common cyber-criminals or nation state-sponsored cyber-espionage operations."
It is particularly important that the NSA is targeting antivirus companies because of the trust that they have with customers. Antivirus software needs to be reliable as it is what prevents users from being hacked or from getting viruses on their computers. Not only that, but antivirus software is also often given privileges by an operating system that other software might not get. This gives hackers able to infiltrate antivirus software more leverage to attack a user's data.
Kaspersky Labs was just one of many targets for the two agencies, with NSA's "Project Camberdada" reportedly including at least 23 antivirus companies, including Avast, Eset, F-Secure, and Bit-Defender. Not included in the list, however, are Symantec and McAfee, which are both American, as well as Sophos, which is British.
Kaspersky Labs has been targeted a number of times in the past few months, with the company recently admitting that it had been targeted by hackers originating from Israel.