According to the latest documents revealed by NSA whistleblower Edward Snowden, the National Security Agency (NSA) and its British counterpart, Government Communications (GCHQ) Headquarters have reverse engineered the popular security firm Kaspersky Lab and other security solutions providing companies.
While different companies have been under attack, the company which is mentioned repeatedly in the report is the Russia-based Kaspersky Labs. The company is one of the leading security solutions providers, and has more than 270,000 corporate clients and claims to protect more than 400 million spread across the globe.
Below is the screenshot of the leaked 2010 presentation named “Project CAMBERDADA.”
The technique software reverse engineering, or SRE, was used to thwart Kaspersky anti-virus software. The NSA has also shown a keen interest in the past to study the weaknesses and monitored the communications between users and the Kaspersky servers.
Recommended: How to Detect NSA’s Complex “Quantum Insert” Attacks
The attack on the antivirus companies like Kaspersky makes perfect sense as they are responsible for defending the users from inbound threats. The Intercept says that spy agencies and anti-virus companies share a cat and mouse relationship. If a spy agency is able to find weaknesses in the anti-virus software and hack it, it gives it them the obvious advantage.
The Project CAMBERDADA presentation lists 23 additional AV companies from all over the world under “More Targets!” Take a look below.
A top secret warrant issued by GCGQ tells the same motives behind these attacks: “Personal security products such as the Russian anti-virus software Kaspersky continue to pose a challenge to GCHQ’s CNE [Computer Network Exploitation] capability,” the warrant stated, “and SRE is essential in order to be able to exploit such software and to prevent detection of our activities.”
In an email, Kaspersky Lab told The Intercept, “It is extremely worrying that government organizations would be targeting us instead of focusing resources against legitimate adversaries, and working to subvert security software that is designed to keep us all safe. However, this doesn’t come as a surprise. We have worked hard to protect our end users from all types of adversaries. This includes both common cyber-criminals or nation state-sponsored cyber-espionage operations.”
The Intercept asked for comments from the NSA and GCHQ- which was obviously declined.
Via: The Intercept
Recommended: How New Zealand and NSA Plotted Hack on China