NSA, GCHQ Targeted Kaspersky, Other Cybersecurity Companies: Snowden Docs
TEHRAN (Tasnim) - US and British spy agencies worked to reverse-engineer antivirus software in order to "exploit such software and to prevent detection of our activities." Russian security firm Kaspersky Lab was particularly targeted.
Citing documents leaked by former intelligence contractor Edward Snowden more than two years ago, The Intercept reported Monday that the US National Security Agency (NSA) and the British Government Communications Headquarters (GCHQ) teamed up to subvert antivirus and security software made by the likes of Kaspersky Lab.
In addition, 23 total security firms -- including the antivirus company F-Secure of Finland, Avast from the Czech Republic, and DrWeb of Russia -- were targets of the NSA's “Project CAMBERDADA."
The spy agencies sought to remain ahead of the software companies -- which often flag state-sponsored malware -- in order to give the US and UK governments an advantage during official hacking operations.
Kaspersky Lab was a particularly crucial target, according to the Snowden documents.
“Personal security products such as the Russian anti-virus software Kaspersky continue to pose a challenge to GCHQ’s CNE (Computer Network Exploitation) capability and SRE (software reverse engineering) is essential in order to be able to exploit such software and to prevent detection of our activities,” GCHQ wrote in a warrant renewal request from 2008. “Examination of Kaspersky and other such products continues.”
GCHQ's request -- valid for six months from July 7, 2008 to January 7, 2009 -- sought reauthorization from the UK Foreign Secretary for infiltration that would “involve modifying commercially available software to enable interception, decryption and other related tasks, or ‘reverse engineering’ software.”
Sans a warrant for reverse engineering, GCHQ was concerned that its actions might be "unlawful" or an infringement of copyright claims, RT reported.
“Reverse engineering of commercial products needs to be warranted in order to be lawful,” a GCHQ agency memo said. “There is a risk that in the unlikely event of a challenge by the copyright owner or licensor, the courts would, in the absence of a legal authorisation, hold that such activity was unlawful(…)”
The NSA also sought weaknesses in Kaspersky Lab's software, employed by more than 400 million users worldwide, the company has claimed. The American spy agency found, in 2008, that the company transmitted sensitive user data to back the company's servers. The "leaky" information -- embedded in what is called "User-Agent" strings -- was then intercepted and used to track Kaspersky customers, The Intercept reported.
