Announcement

Collapse
No announcement yet.

Kaspersky

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Kaspersky

    Russia’s Kaspersky Lab still sees potential in Ukrainian market despite sanctions
    Oct. 16, 2015, Bozhena Sheremeta KYIV POST

    Kaspersky Lab, the Moscow-based Internet security software developer, made the list of corporations sanctioned by the presidential administration amid Russia's war against Ukraine.

    Although Kaspersky cannot sell its products to state-run organizations, the company is still promoting its globally recognized brand in Ukraine.

    At the Cybersecurity Forum Ukraine, held by Kaspersky Lab in Kyiv’s Opera Hotel on Oct. 6-7, company officials refused to comment how much they predict sanctions will affect their sales volumes in Ukrainian.

    The company has been selling high-quality cyber-security software in more than 200 countries since 1997.

    Kaspersky Lab in 2014 accounted for about 50 percent of the Ukrainian antivirus software market, according to International Data Corporation. This year due to sanctions, the firm’s market share might shrink by around 14 percent, according to Oleksandr Savushkin, head of Kaspersky in Northern-Eastern Europe.

    “I am proud, though, that people divide politics and business,” Savushkin said.

    Kaspersky expects companies in the private sector to continue buying its antivirus software to continue protecting commercial data from the expanding range of cyber crimes to which Ukraine is prone. Almost 4 million cyber attacks infect computers worldwide on a daily basis and 10 percent of those target entities, not exclusively individuals.

    In January-September of this year Ukraine has become the third most-prone country in the world at risk of web-based infection, according to data provided by Kaspersky. More than a third of the population encountered web-based malware through this period.

    Ukrainians are also at risk of mobile malware infections, Kaspersky research found. In the second quarter of 2015, around 4 million people encountered malware on their mobile devices. “Most people today protect their computers only and don’t think about protecting phones. They underestimate these threats,” said David Em, the senior technology consultant at Kaspersky.

    Ukrainian Internet users are mostly prone to malware because they use pirated or outdated software, Em said. Around 17 percent of Ukrainian Internet users that get affected by cyber threats still use an outdated operating system.

    In order to attract users to use websites that infect their computers with malware, many cyber hackers speculate on spreading information that relates to the escalating political conflict between Russia and Ukraine. Many computers get infected through spam emails and messages on social networks.

    Jaap van Oss, team leader of the cyber crime group at Europol, said that changes on the legislative level cannot help mitigate the cyber attack threats that Ukrainian businesses face.

    “If we look at crypto lockers (a special type of malware that locks all data on the computer in return for a financial award), they mostly target small and medium enterprises. If data is locked, the business stops running,” Oss explained.

    Ukraine also generated 2 percent of all web attacks in the world in the second quarter of 2015. Russia remains the top producer of malware globally, having generated more than the half of global web attacks.

    “Malware producers want to get better every day to invade us. Until just 2011 the volume of cyber attacks was very low, but after 2011, they started attacking small and medium enterprises on a bigger scale, stealing contact and banking information,” said Em. Russia’s Kaspersky Lab still sees potential in Ukrainian market despite sanctions
    ================
    Three months into Russia's incursion into Ukraine, I canceled my Kaspersky acct. Any IT co controlled by the Kremlin is not for me.

    æ, !

    Hannia - Hania - Mighthelp

  • #2
    I'm reminded of this video




    See whats been posted in the past day.


    Contact forum moderators here.

    Comment


    • #3
      Red panic: Kaspersky pulled from major US retailer’s shelves, banned from federal government computers
      EAST-WEST DIGITAL NEWS September 11, 2017

      US retailer Best Buy has pulled from its shelves Kaspersky Lab’s PC security software amid fears of Kremlin spies using the antivirus tool to snoop on Americans — even though there is no concrete evidence to indicate that the security software is a threat.

      In an exchange with UK’s The Register, the store chain confirmed its decision, but declined to comment on the reasons for the ban.

      “Kaspersky Lab has enjoyed a decade-long partnership with Best Buy and its customer base, and will continue to offer its industry-leading cybersecurity solutions to consumers through its website and other retailers,” the cyber security company told The Register.

      “The relationship may be re-evaluated in the future,” Kaspersky Lab hopes.

      Meanwhile US Senator Jeanne Shaheen introduced an amendment to the National Defense Authorization Act that would ban Kaspersky software from any federal computer, following on from her earlier ban on the software being used by the Department of Defense.

      Western cybersecurity circles are not unanimous in this matter. Philipp Chertoff, a research fellow at the EU/NATO policy think tank GLOBSEC Policy Institute, believes that the US Government should not ban Kaspersky security software.

      “If the US government has concerns beyond mere association with foreign intelligence services, if it truly believes certain technology products maintain vulnerabilities for foreign governments, officials should work with firms to provide a transparent process for reviewing such issues. Kaspersky has indicated its willingness to submit its products to review,” the cyber security researcher wrote. Red panic: Kaspersky pulled from major US retailer’s shelves, banned from federal government computers

      æ, !

      Hannia - Hania - Mighthelp

      Comment


      • #4
        UK spymasters raise suspicions over Kaspersky’s Russia links - FT
        British spymasters fear that anti-virus software given away for free by Barclays to more than 2 million customers may be being used as an intelligence-gathering tool by the Russian government, the Financial Times reports.
        UNIAN 13 Nov 2017

        A senior Whitehall official told FT that GCHQ, Britain’s digital surveillance agency, has harbored concerns for months over the distribution in the UK of software from Kaspersky Lab, one of the world’s most successful computer security companies.
        GCHQ suspects that Kaspersky may have been exploited by the FSB, the successor organization to the KGB, to snoop on sensitive foreign targets.
        Barclays, which has offered free subscriptions of the anti-virus software to users of its online banking services since 2008, is seeking to end its arrangement with Kaspersky.

        Intelligence officials worry that the widespread distribution of Kaspersky by Barclays in particular exposes at-risk individuals — such as employees of British government departments or members of the military — who are customers of the bank and have downloaded Kaspersky software to boost their home security. No evidence suggests that any data of Barclays customers have been compromised by use of Kaspersky software on their computers.

        Barclays officials said they were seeking to quit the deal with Kaspersky for commercial reasons and that the move had no connection with GCHQ concerns. Officials at both Barclays and GCHQ said the two organizations had not discussed concerns over Kaspersky at any point.

        “We have never received any advice or guidance from GCHQ or the National Cyber Security Centre in relation to Kaspersky

        The NCSC, the arm of GCHQ that liaises with the private sector to improve national cyber security, said: “The NCSC has never advised Barclays against the use of Kaspersky products. Any suggestion to the contrary is categorically untrue. The NCSC is not a regulator and does not mandate or ban any products. Our certification schemes do not currently cover anti-virus or anti-malware services.”

        Public controversy around Kaspersky has been mounting since September, when the U.S. Department of Homeland Security banned the software provider from all U.S. government agencies.

        U.S. and Israeli intelligence agencies have allegedly gathered evidence of “several” occasions in which Kaspersky was used by Russian agencies to hack sensitive information, according to senior western intelligence officials spoken to by the FT.

        Kaspersky denied the allegations and said it did not have “inappropriate ties with any government”.

        Kaspersky is one of the most popular anti-virus products worldwide, with more than 400 million users. It is used by a number of large businesses within the UK besides Barclays. The company began offering a pared-back version of its main anti-virus software for free to anyone in July.

        The British government has not publicly announced a position on the software provider. Concerns over Kaspersky being used as a Russian government proxy in Britain were nevertheless so great that the matter was also brought to the attention of Boris Johnson, the foreign secretary.

        Kaspersky has its headquarters in Russia and is headed by Eugene Kaspersky, a former KGB-trained Soviet military intelligence officer. Concerns over its connections to the Russian secret state have been prevalent in western intelligence circles for some years. If you see a spelling error on our site, select it and press

        https://www.unian.info/world/2239136...-links-ft.html

        æ, !

        Hannia - Hania - Mighthelp

        Comment


        • #5
          U.S. Flagged Russian Firm Kaspersky as Potential Threat as Early as 2004
          Intelligence agencies have expressed concern about the cybersecurity company’s software
          Paul Sonne WALL STREET JOURNAL Nov. 17, 2017 5:42 p.m. ET

          WASHINGTON—A Russian cybersecurity firm whose products current and former U.S. officials suspect Moscow has used as a tool for spying was flagged by U.S. military intelligence as a potential security threat as early as 2004, according to new information the Defense Department provided to Congress.

          In 2013, the Defense Intelligence Agency, the U.S. military spy service, also issued a Pentagon-wide threat assessment about products made by the company, Kaspersky Lab, according to an email this week from the Pentagon to the House Committee on Science, Space and Technology. The contents of the assessment weren’t disclosed.

          The DIA “began producing threat reporting referencing Kaspersky Lab as a threat actor as early as 2004,” according to the email, reviewed by The Wall Street Journal, raising questions about why other federal agencies continued to use the firm’s products.

          The Journal reported in October that hackers suspected of working for the Russian government targeted a National Security Agency contractor through the contractor’s use of Kaspersky Lab antivirus software and stole details of how the U.S. penetrates foreign computer networks.

          Kaspersky has long said it doesn’t assist the Russian government with spying on other countries.

          The revelation about Kaspersky comes as concern over Russian infiltration of American computer networks and social-media platforms is growing after the U.S. intelligence assessment that the Russian government worked to help President Donald Trump’s 2016 campaign. Russia has denied meddling in the election.

          Kaspersky published a report on Thursday saying that the computer it believes may have belonged to the NSA contractor in question was infected with other malware that could have been responsible for ex-filtrating information.

          The company said in a separate statement, in response to the revelation that U.S. military intelligence flagged the firm as a threat actor, that it remains “ready to work with the U.S. government to address any and all concerns and further collaborate to mitigate against cyber threats, regardless of their origin or purpose.” It added: “we maintain that there has yet to be any credible evidence of the risks presented by the company’s products.”

          The DIA’s threat analysis center, established in 2009, circulated analysis regarding Kaspersky Lab to various acquisition programs within the Pentagon, according to the email. It also made its views about the potential threat posed by Kaspersky Lab known to other agencies as early as 2012, the email said.

          The email the Pentagon official sent this week was a follow-up to questions posed by the committee chairman, Rep. Lamar Smith (R., Texas), about why the Pentagon had decided not to use Kaspersky products while other U.S. federal agencies felt safe to do so.

          A top Pentagon cybersecurity official, Essye Miller, told the committee at a hearing this week that the Defense Department hadn’t used Kaspersky products because of intelligence information regarding the firm.

          Still, other federal agencies didn’t follow the same precautions and used Kaspersky products. Jeanette Manfra, a top Department of Homeland Security official, said at the hearing that roughly 15% of the federal agencies that checked to see if Kaspersky was operating on their systems found the company’s products. DHS has set a Dec. 12 deadline for all U.S. government agencies to remove the firm’s software.

          “We expect to continue to get more information and also get those basic questions answered—like why did they ever start using Kaspersky Lab products?” Rep. Smith said.

          æ, !

          Hannia - Hania - Mighthelp

          Comment


          • #6
            RFE/RL: Kaspersky Lab chief says company banned from advertising on Twitter
            Kaspersky Lab insists that a majority of its promoted content on Twitter is about cybersafety.
            UNIAN 22:55, 20 April 2018

            Kaspersky Lab says it has been banned from running advertisements on Twitter amid claims the Russian cybersecurity company has ties to Russia's intelligence agencies.

            Kaspersky Lab's founder, Yevgeny Kaspersky, revealed the move in an open letter published on his company's website on April 20, RFE/RL said.

            Kaspersky said the social-media network told his company in a letter that the decision was based "on our determination that Kaspersky Lab operates using a business model that inherently conflicts with acceptable Twitter Ads business practices."

            Twitter was not immediately available to comment, but Reuters quoted an e-mailed statement it had received with the exact same wording.

            Kaspersky said in his letter that he couldn't understand how the company's business model conflicts with Twitter policy since a majority of its promoted content on Twitter is about cybersafety, along with research reports about the information security industry.

            "We haven't violated any written – or unwritten – rules, and our business model is quite simply the same template business model that's used throughout the whole cybersecurity industry: We provide users with products and services, and they pay us for them," he wrote.

            "What specific (or even non-specific) rules, standards and/or business practices we violated are not stated in the letter. In my view, the ban itself contradicts Twitter's declared-as-adopted principle of freedom of expression," he added.

            In January, Kaspersky was included on a U.S. Treasury Department list of 210 officials and billionaires from Russia's ruling elite, exposing them to scrutiny and potential future sanctions.

            The list includes 43 of Russian President Vladimir Putin's aides and advisers, including Kremlin spokesman Dmitry Peskov, 31 cabinet ministers including Prime Minister Dmitry Medvedev and Foreign Minister Sergei Lavrov, senior lawmakers, and top officials in Russia's intelligence agencies.

            In addition to Kaspersky, who claims to have no ties with the Kremlin or Russian government, business tycoons on the list include Roman Abramovich, Alisher Usmanov, U.S. NBA basketball team owner Mikhail Prokhorov, and aluminum magnate Oleg Deripaska. UNIAN: https://economics.unian.info/1008946...n-twitter.html

            æ, !

            Hannia - Hania - Mighthelp

            Comment


            • #7
              U.S. Case Involved Alleged Russian Intelligence Theft Through Kaspersky
              RFE/RL September 26, 2018 02:30 GMT

              A U.S. intelligence worker has been sentenced to prison for transferring top-secret material to a home computer that was allegedly accessed by Russian intelligence through Kaspersky software.

              Nghia Hoang Pho, 68, a 10-year veteran of the National Security Agency's (NSA) elite Tailored Access Operations hacking unit, was sentenced to 66 months in prison on September 25 after pleading guilty in December to willfully retaining classified national defense information.

              Authorities discovered that between 2010 and 2015, he had taken home what they called "massive troves" of top-secret data that eventually ended up in the hands of Russian intelligence.

              Vietnam-born Pho put the information on his home computer, which was protected by the popular Kaspersky antivirus program.

              U.S. authorities believe that Russian intelligence was able to access his computer through Kaspersky.

              The leak was one of the most devastating ever for the NSA, one of the U.S. government's most important spy agencies, and significantly set back its operations against foreign targets' computers.

              "As a result of his actions, Pho compromised some of our country's most closely held types of intelligence, and forced NSA to abandon important initiatives to protect itself and its operational capabilities, at great economic and operational cost," said U.S. Attorney Robert Hur.

              The incident is believed to be a key reason for the U.S. government's ban last year on using Kaspersky software on government computers, warning that the company has suspected links to Russian intelligence.

              Kaspersky denies any ties to the Russian government or its spies.

              In order to function, the Kaspersky program needs a computer owner's blanket permission to access the machine's systems.

              It then communicates the results of its antivirus scans to Kaspersky headquarters in Moscow.

              The Wall Street Journal reported last year that a 2015 penetration of Pho's computer led to Russian intelligence obtaining information on how the NSA itself infiltrates foreign computer networks and protects itself from cyberattacks.

              Kaspersky later confirmed the theft, saying what was stolen included essential source code for so-called Equation Group hacking software from the NSA.
              https://www.rferl.org/a/us-nsa-worke.../29510061.html
              With reporting by AFP and Reuters

              æ, !

              Hannia - Hania - Mighthelp

              Comment


              • #8
                Hello there.

                Comment


                • #9
                  Kaspersky Lab treason suspect is hospitalized in critical condition after suffering pulmonary embolism in jail

                  MEDUZA Dozhd 18:05, 11 october 2018

                  Ruslan Stoyanov, the former Kaspersky Lab expert now on trial for treason, was recently rushed to the hospital in critical condition, after suffering a pulmonary embolism on October 1, his lawyer told the independent television network Dozhd. According to Inga Lebedeva, her client was hospitalized after repeatedly losing consciousness.

                  The case against Stoyanov is classified, but he is allegedly charged with passing secret intelligence to the FBI about Russian hackers. Days before Lebedeva revealed that Stoyanov has been in the hospital, the newspapers Kommersant and Novaya Gazeta reported that he and three accomplices, led by former FSB Information Security Center agent Sergey Mikhailov, may have been promised $10 million in exchange for data that led to the unmasking of Russian hackers, potentially including the GRUs Fancy Bear operation, which stole internal records from the Democratic National Convention in the United States.

                  The allegations about a $10-million paycheck have raised some eyebrows. American cyber-crime journalist Brian Krebs, for example, has suggested that the rumor is a fabrication planted by Pavel Vrublevsky, a Russian businessman with notorious ties to hackers, who spent 18 months in prison thanks to investigative work by Mikhailovs FSB unit.

                  Stoyanov has been jailed in Moscow since his arrest in December 2016. His lawyer says hes currently recovering in a private room, guarded by police officers, after spending several days in critical condition. Lebedeva says the hospital conditions are acceptable, but she worries that Stoyanov will be returned to jail prematurely, where medical staff have allegedly neglected his needs, for example by refusing to perform an ultrasound examination, even after he lost consciousness in May.

                  Lebedeva also complained that prison officials appear to be blocking Stoyanovs personal mail, holding letters from his friends and family for months at a time. https://meduza.io/en/news/2018/10/12...bolism-in-jail

                  æ, !

                  Hannia - Hania - Mighthelp

                  Comment


                  • #10
                    Exclusive: How a Russian firm helped catch an alleged NSA data thief
                    POLIT ICO KIM ZETTER 01/09/2019 05:01 AM EST
                    The U.S. has accused Kaspersky Lab of working with Russian spies. But sources say the company exposed a massive breach that U.S. authorities missed.

                    The 2016 arrest of a former National Security Agency contractor charged with a massive theft of classified data began with an unlikely source: a tip from a Russian cybersecurity firm that the U.S. government has called a threat to the country.

                    Moscow-based Kaspersky Lab turned Harold T. Martin III in to the NSA after receiving strange Twitter messages in 2016 from an account linked to him, according to two people with knowledge of the investigation. They spoke with POLITICO on condition of anonymity because theyre not authorized to discuss the case.

                    The companys role in exposing Martin is a remarkable twist in an increasingly bizarre case that is believed to be the largest breach of classified material in U.S. history.

                    It indicates that the governments own internal monitoring systems and investigators had little to do with catching Martin, who prosecutors say took home an estimated 50 terabytes of data from the NSA and other government offices over a two-decade period, including some of the NSAs most sophisticated and sensitive hacking tools.

                    The revelation also introduces an ironic turn in the negative narrative the U.S. government has woven about the Russian company in recent years.

                    Under both the Obama and Trump administrations, officials have accused the company of colluding with Russian intelligence to steal and expose classified NSA tools, and in 2016 the FBI engaged in an aggressive behind-the-scenes campaign to discredit the company and get its software banned from U.S. government computers on national security grounds. But even while the FBI was doing this, the Russian firm was tipping off the bureau to an alleged intelligence thief in the governments own midst.

                    "It's irony piled on irony that people who worked at Kaspersky, who were already in the sights of the U.S. intelligence community, disclosed to them that they had this problem, said Stewart Baker, general counsel for the NSA in the 1990s and a current partner at Steptoe and Johnson. Its also discouraging, he noted, that the NSA apparently still hasnt figured out a good way to find unreliable employees who are mishandling some of their most sensitive stuff.

                    We all thought [Martin] got caught by renewed or heightened scrutiny, and instead it looks as though he got caught because he was an idiot, he told POLITICO.

                    As for Kaspersky, news about its assistance in apprehending Martin likely wont satisfy detractors who believe the company can still be a tool of Russian intelligence even if it occasionally assists the U.S. government.

                    Martin, who is set to go to trial in June, was arrested Aug. 27, 2016 following a search of his home and was subsequently indicted in February 2017. Hes been charged with 20 counts of unauthorized and willful retention of national defense information, each of which carries up to 10 years in prison.

                    The case unfolded after someone who U.S. prosecutors believe was Martin used an anonymous Twitter account with the name HAL999999999 to send five cryptic, private messages to two researchers at the Moscow-based security firm. The messages, which POLITICO has obtained, are brief, and the communication ended altogether as abruptly as it began. After each researcher responded to the confusing messages, HAL999999999 blocked their Twitter accounts, preventing them from sending further communication, according to sources.

                    The first message sent on Aug. 13, 2016, asked for him to arrange a conversation with "Yevgeny" presumably Kaspersky Lab CEO Eugene Kaspersky, whose given name is Yevgeny Kaspersky. The message didn't indicate the reason for the conversation or the topic, but a second message following right afterward said, "Shelf life, three weeks," suggesting the request, or the reason for it, would be relevant for a limited time.

                    The timing was remarkable the two messages arrived just 30 minutes before an anonymous group known as Shadow Brokers began dumping classified NSA tools online and announced an auction to sell more of the agencys stolen code for the price of $1 million Bitcoin. Shadow Brokers, which is believed to be connected to Russian intelligence, said it had stolen the material from an NSA hacking unit that the cybersecurity community has dubbed the Equation Group.

                    The Twitter messages, along with clues Kaspersky researchers found that linked the Twitter account to Martin and his work in the U.S. intelligence community, led the researchers to wonder if Martin was connected to Shadow Brokers. This led the company to contact the NSA and suggest it investigate him, according to the sources.

                    POLITICO first reported the existence of the Twitter messages last week when they were mentioned in a court ruling made public after Martins attorneys unsuccessfully sought to invalidate FBI search warrants used in the case, on grounds that the bureau didn't have probable cause to obtain them.

                    æ, !

                    Hannia - Hania - Mighthelp

                    Comment


                    • #11
                      How a Russian firm helped catch an alleged NSA data thief Pt 2
                      U.S. District Judge Richard Bennett disagreed, citing the Twitter messages. He wrote that although the cryptic messages "could have had any number of innocuous meanings in another setting," their timing and Martin's potential access to Equation Group hacking tools through his government work made him a logical suspect in the Shadow Brokers investigation.

                      The partially redacted ruling quoted only two of five messages the mysterious Twitter account sent the company, and the name of the recipients was redacted. Kasperskys role as recipient and informant has not been previously disclosed.

                      A Kaspersky spokeswoman declined to confirm the companys involvement in the case or comment on the record.

                      According to the sources who spoke with POLITICO, Kaspersky gave the NSA all five Twitter messages as well as evidence of the sender's real identity. Then, according to the redacted court document, the FBI used the evidence to obtain search warrants for Martin's Twitter account and Maryland home and property. The document doesnt indicate how the FBI learned of the Twitter messages or Martins identity.

                      The home search on Aug. 27, 2016, occurred with a massive raid involving nearly two dozen FBI agents and SWAT team members with guns drawn, underscoring the cases urgency and the governments concerns about whom else Martin might have contacted. The search uncovered a trove of classified data in hard copy and digital format that Martin had taken between 1996 and 2016 material that the government has said included some of the same Equation Group tools the Shadow Brokers possessed.

                      The tools were some of the most prized surveillance implements the spy agency used to track suspected terrorists, conduct other national security investigations and collect intelligence.

                      Questions have lingered about whether Martin supplied the classified tools to Shadow Brokers, but he has not been charged with espionage, nor have prosecutors indicated Martin had any contact with the group. The group continued to publish online after Martins arrest, discounting theories that he himself was the Shadow Brokers.

                      And although the cryptic Twitter messages could be read as suggesting he was exploring the possibility of passing sensitive data to either Kaspersky or to the Russian government his attorneys have argued in court that no evidence exists that Martin intended to pass information to anyone. Hes a patriot who recklessly amassed and stored the classified material only because he suffers from a compulsive disorder, his public defender, James Wyda, has said.

                      Matt Tait, a former information security specialist at Britains GCHQ spy agency, thinks its interesting that Martin zeroed in on Kaspersky for his correspondence.

                      Why did he choose Kaspersky versus Sophos or Symantec? he said, referring to two other antivirus companies. He would have known better than others what that meant when the U.S. government says Kaspersky is hostile. Why did he choose that company versus another company, and what did he expect them to do?

                      These are questions that may only be answered in court, if Martin doesnt strike a plea deal.

                      Martins defense attorney, Wyda, declined to comment this week when POLITICO asked why his client contacted Kaspersky.

                      The revelation about how Martin was caught renews longstanding questions about the NSA's ability to prevent or detect theft of its secrets, even after increasing internal security measures following the 2013 leaks by agency contractor Edward Snowden. Those measures played no role in flagging Martin, according to the sources who spoke with POLITICO, though it's not clear they were in place at the time Martin took material from the agency.

                      Either way, the NSA was desperate in August 2016 to uncover the identity of Shadow Brokers and determine where they got the stolen tools, but it was only after Kaspersky turned Martin in that he became a suspect.

                      FIGURE OUT HOW WE TALK, WITH YEVGENY PRESENT

                      Like Snowden, Martin had a top secret national security clearance and worked for defense and intelligence contractor Booz Allen Hamilton and other contracting companies since the late 1990s. His work with Booz Allen included jobs at the NSA between 2012 and 2015, and in the Office of the Director of National Intelligence and a Defense Department office, where some of his thefts occurred.

                      Over the years, he worked on a number of highly classified, specialized projects, according to court records, and his work for the NSA put him directly in its Tailored Access Operations unit for a time the unit that created and used the Equation Group tools. However, a former TAO worker has said Martin was simply a front office worker who wasn't involved in spy operations there.

                      Martins downfall unfolded in the following manner, according to the people who spoke with POLITICO.

                      The first Twitter messages HAL999999999 sent to one of the Kaspersky researchers began as if they were already engaged in an ongoing conversation or had previously conversed. "So.figure out how we talk. With Yevgeny present," the message said. Then "Shelf life, three weeks."

                      He sent the messages on Aug. 13, 2016, but they sat unread for three days. Thats because the researcher didnt follow the HAL account, so the private messages went to a request folder. The researcher was on vacation and saw the messages three days later, after Shadow Brokers had made headlines and published batches of NSA tools.

                      The sender's Twitter handle was not familiar to the Kaspersky recipient, and the account had only 104 followers. But the profile picture showed a silhouette illustration of a man sitting in a chair, his back to the viewer, and a CD-ROM with the word TAO2 on it, using the acronym of the NSA's Tailored Access Operations. The larger background picture on the profile page showed various guns and military vehicles in silhouette.

                      The Kaspersky researcher asked the sender, in a reply message, if he had an email address and PGP encryption key they could use to communicate. But instead of responding, the sender blocked the researcher's account.

                      Two days later, the same account sent three private messages to a different Kaspersky researcher.

                      æ, !

                      Hannia - Hania - Mighthelp

                      Comment


                      • #12

                        How a Russian firm helped catch an alleged NSA data thief Pt 3
                        "Still considering it..," the first message said. When the researcher asked, "What are you considering?" the sender replied: "Understanding of what we are all fighting for and that goes beyond you and me. Same dilemma as last 10 min of latest Bourne." Four minutes later he sent the final message: "Actually, this is probably more accurate" and included a link to a YouTube video showing the finale of the film "Inception."

                        The Bourne comment appears to reference a Jason Bourne film about a former CIA assassin on the run from the agency, which was released in U.S. theaters two weeks before the Twitter user contacted Kaspersky. It and the Inception film deal with the difficulties of distinguishing truth and reality from deception and illusion.

                        The Kaspersky researcher didn't respond to the Twitter sender after this. Instead, he and colleagues conducted some online sleuthing and were able to easily unmask the sender's identity.

                        A Google search on the Twitter handle found someone using the same Hal999999999 username on a personal ad seeking female sex partners. The anonymous ad, on a site for people interested in bondage and sado-masochism, included a real picture of Martin and identified him as a 6-foot-4-inch 50-year-old male living in Annapolis, Md. A different search led them to a LinkedIn profile for Hal Martin, described as a researcher in Annapolis Junction and "technical advisor and investigator on offensive cyber issues." The LinkedIn profile didn't mention the NSA, but said Martin worked as a consultant or contractor for various cyber related initiatives across the Defense Department and intelligence community.

                        Armed with this information, on Aug. 22 a Kaspersky employee contacted an NSA worker he'd recently met at a conference and sent him the evidence, suggesting the agency might want to investigate Martin. The FBI obtained the warrant for Martins Twitter account on the 25th, and he was arrested two days later following the search of his home.

                        The FBI declined to comment on this new information, as did the U.S. Attorneys office handling the case.

                        Tait told POLITICO that any legitimate security researchers in Kasperskys position would notify the government if a potential leaker contacted them.

                        "These researchers seem to have taken the view that they know how to work out how the NSA does hacking through legitimate means; they don't need leakers inside the NSA to do their job, and it probably doesn't help them to be seen as actively antagonistic to the U.S, Tait said. It undermines their ability to claim they're a legitimate threat intelligence organization.

                        But Kasperskys efforts apparently earned the company little regard in the government.

                        UNDER GROWING SCRUTINY

                        Months after Martin was formally charged, the government's campaign against the company, which had been percolating in the background throughout 2016, also went public.

                        Although Kaspersky has worked with U.S. law enforcement and security firms for years to track hackers, the company's relationship with the government began to grow tense around 2012 as it exposed a series of covert NSA spy kits and hacking operations after finding the previously unknown spy software on customers machines. The company has exposKaspersky has long denied it has cooperated with Russian intelligence in any capacity to obtain U.S. secrets. And the U.S. government has never publicly indicated that it has any evidence to support suspicions that it has helped the Russian government use its software to spy on Kaspersky customers.

                        In any case, the timing of these events is notable: Its not clear whether Kaspersky knew about the FBI investigation or the Israeli allegations when the company turned Martin in to the NSA in 2016. Such knowledge could have made the company wonder if Martins communication was a test.

                        Baker told POLITICO that Kasperskys role in Martins arrest wasnt out of character for the company, which he doubts has ever actively aided Russian intelligence and has always wanted to be an accepted part of the cybersecurity fraternity.

                        [The company] recognized that it had a problem, given its origin and location [in Russia], and so where it could be helpful to the U.S. government and show that it was not a hostile force it wouldn't have surprised me that it would do something that was meant to be a goodwill gesture toward the U.S. government, he said.

                        Although he doesnt think the governments subsequent treatment of the company was wrong, it is pretty ironic, he said. And I'm sure the people at Kaspersky are feeling as though they did the right thing and it did them no good."ed more U.S. spy operations than any other cybersecurity firm in the last six years, and has in turn become a hacking target of spy agencies itself for its success in exposing not only NSA operations but those of Israel, the United Kingdom and France.

                        One of its most significant revelations occurred in February 2015 when the company announced discovery of a suite of sophisticated spy programs it dubbed the Equation Group tools long before the Shadow Brokers began leaking tools from the same group in 2016.

                        Kaspersky discovered the tools on computers in the Middle East in 2014, and its antivirus software later detected them on a machine in the U.S. sometime in 2014. Kaspersky believed the machine had been infected with Equation Group surveillance software, but in fact it was the home computer of an NSA employee named Nghia Hoang Pho, who had improperly taken home classified documents and NSA code he was helping develop that were related to the Equation Group toolset.

                        Kasperskys software uploaded the material from Phos computer to the companys servers, as part of a standard procedure antivirus programs use to analyze previously undiscovered malicious code. Kaspersky has insisted that once it realized the collection wasnt malware, CEO Eugene Kaspersky ordered his researchers to destroy the files.

                        But the collection of files helped fuel U.S. allegations that Kaspersky itself poses a security threat. Thats because, unknown to Kaspersky at the time, Israel had hacked the companys network in 2014, and in 2015 quietly told U.S. officials that it saw Russian intelligence operatives siphon the tools from Pho's machine with Kaspersky's cooperation or knowledge, using its antivirus software. The public only learned about this allegation in 2017 when anonymous sources leaked it to reporters. But no evidence backing this claim has ever been made public, and nobody has explained how the Israelis knew the extraction was not just part of standard infection analysis and cleanup.

                        Sometime in 2015, the FBI began investigating Kasperskys relationship with the Russian government, and by 2016, the bureau was urging U.S. companies privately to cut business ties with the firm. Then in February 2017, the month Martin was indicted, DHS sent a secret report to government agencies saying Kasperskys software posed a national security risk. News of the report was leaked to the media along with a revelation that the FBI was investigating the company.

                        Seven months later, DHS issued a directive banning Kaspersky software from civilian government computers because the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security. The ban led consumer giant Best Buy to announce it would no longer install Kaspersky antivirus software on computers it sells. https://www.politico.com/story/2019/...curity-1089131


                        æ, !

                        Hannia - Hania - Mighthelp

                        Comment


                        • #13
                          Lorem ipsum dolor sit amet

                          Comment


                          • #14
                            You do know that the phrase you posted has the appearance of an intelligent Latin idiom, but actually it is nonsense.

                            æ, !

                            Hannia - Hania - Mighthelp

                            Comment

                            Working...
                            X