Report: Russian hackers breached NSA, US cyber defense compromised; highly classified info stolen
The hackers stole data that includes information about how the U.S. defends its own networks against cyber attacks.National Security Agency Operations Center floor in 2012 (NSA)
Russian hackers were able to obtain highly classified National Security Agency (NSA) data and procedures, including information about how the U.S. defends against cyber attacks, the Wall Street Journal has exclusively learned.
The stolen data included “details about how the NSA penetrates foreign computer networks, the computer code it uses for such spying and how it defends networks inside the U.S.,” the WSJ said, citing “multiple people with knowledge of the matter.”
Having this information means the Russians could protect their own data and networks from potential breaches from the U.S., and it also gives Russia insight as to how to infiltrate U.S. and other nations’ networks, the WSJ report said.
The hackers reportedly stole the information from the computer of an NSA contractor who downloaded the data and put it on his personal computer at home, the Wall Street Journal reported.
The Russian hackers were able to target the information using antivirus software from Kaspersky Lab in Russia, and found the files, its sources told the Wall Street Journal.
The hacking took place in 2015 but wasn’t discovered until last year, its sources said, the WSJ reported.
And: “The theft, which hasn’t been disclosed, is considered by experts to be one of the most significant security breaches in recent years. It offers a rare glimpse into how the intelligence community thinks Russian intelligence exploits a widely available commercial software product to spy on the U.S.,” the report said.
An NSA spokesman told the Wall Street Journal: “Whether the information is credible or not, NSA’s policy is never to comment on affiliate or personnel matters,” and he noted that the Department of Defense has a contract for antivirus software from a different company.
The Wall Street Journal also reported:
The breach is the first known incident in which Kaspersky software is believed to have been exploited by Russian hackers to conduct espionage against the U.S. government. The company, which sells its antivirus products in the U.S., had revenue of more than half a billion dollars in Western Europe and the Americas in 2016, according to International Data Corp. By Kaspersky’s own account it has more than 400 million users world-wide.
The revelation comes as concern over Russian infiltration of American computer networks and social media platforms is growing amid a U.S. special counsel’s investigation into whether Donald Trump’s presidential campaign sought or received assistance from the Russian government. Mr. Trump denies any impropriety and has called the matter a “witch hunt.”
Intelligence officials have concluded that a campaign authorized by the highest levels of the Russian government hacked into state election-board systems and the email networks of political organizations to damage the candidacy of Democratic presidential nominee Hillary Clinton.