A new document unearthed from the massive Snowden leak shows the National Security Agency and Government Communications Headquarters attacked Kaspersky security software in an attempt to counter anti-virus efforts.
With monitoring often the result of viruses uploaded into targeted systems (or through creating a virus-run network of infected computers), anti-virus software has been a real pain for spy agencies. One that has been especially targeted is security agency Kaspersky Lab.
The Russian security software firm is responsible for the privacy of hundreds of millions of clients, both for personal and professional systems.
According to the report, the NSA and GCHQ banded together to reverse engineer a number of programs in order to monitor online data and traffic. From this data they were able to bypass security measures provided by anti-virus software.
The back engineering itself was allegedly performed by the British GCHQ, with information shared to the United States’ NSA. The NSA then intercepted messages being sent between software users and the Kaspersky servers, capturing information for monitoring and mass storage.
All of this was more than just a way of monitoring online usage. It was hoped that through taking apart the product, agencies would be able to find a longer term exploit that could get past all Kaspersky products. In the future, they would not have to worry about the large security firm getting in the way of their secretive efforts.
It is amazing how this information is being received. No one seems surprised, or even that offended. After so many revelations from the Snowden leaks, news of the shady practices of US and UK spy agencies is just commonplace.
Reverse engineering, monitoring traffic to servers and watching emails for vulnerability reports seems completely within the scope of what we would expect at this point. That Kaspersky Lab would be targeted is also far from surprising, given their size and the influence they hold in the cyber security world.
What is most frustrating about these stories is how little can be done. The NSA and GCHQ both continue to hold a shocking amount of power even in the face of public and official outcry. Cyber security attacks and efforts are almost certainly running rampant even now, as the reigns of control remain as elusive and out of reach as ever.
This is news showing the actions of an unstoppable, clumsy, inefficient monster. An agency that has no oversight, and eats its own tail as a result.
Source: The Intercept