Edward Snowden reveals NSA and GCHQ hacked anti-virus software

23 Jun 2015

The NSA and GCHQ worked together to undermine anti-virus software tools like those of Kaspersky Labs, Edward Snowden has revealed.

The US NSA and the UK’s GCHQ are understood to have worked together to subvert popular anti-virus software products like Kaspersky Labs’ software, according to the latest Edward Snowden revelations.

The spy agencies are understood to have reverse-engineered popular anti-virus software packages and monitored email and web traffic to discreetly get past the software and obtain intelligence.

According to The Intercept, the spy agencies paid particular attention to Moscow-based Kaspersky Lab, which is used by more than 400m people and includes more than 270,000 corporate clients.

Snowden claims the NSA obtained sensitive customer information by monitoring email and web traffic on Kaspersky’s servers.

While the security companies are engaged in a game of cat and mouse against hackers and creators of malware, the spy agencies are engaged with a game of cat and mouse with the security software companies.

The most dangerous malware introduced to the internet is often created by spy agencies as part of cyber warfare, such as the Stuxnet virus, which is understood to have been created by a joint US/Israeli team codenamed “Operation Olympic Games” to take down industrial plants in Iran. Instead, the malware went viral, threatening industrial complexes worldwide.

The new Cold War

In terms of the latest Snowden revelations, rather than report the vulnerabilities they discover in security software – such as that of Kaspersky – the spy agencies have been quietly stockpiling numerous exploits as weapons to hack adversaries.

It is understood that NSA agents embedded user-agent strings in HTTP requests on Kaspersky’s servers to uniquely identify the computing devices belonging to Kaspersky customers.

Kaspersky, however, has denied that user-agent strings can be used against customers, saying the information is depersonalised and protected by strong encryption.

While the spy agencies paid attention to as many as 17 anti-virus players, they paid particular attention to Kaspersky Labs simply because it is a Russian company and, therefore, guilty by its association with Russian spook agencies like the KGB.

Founder Eugene Kaspersky was educated at a KGB school and worked for the Russian military.

Another reason for suspicion has been Kaspersky Labs’ ability to spot NSA malware.

“It’s very hard for a company with Russian roots to become successful in the US, European and other markets. Nobody trusts us — by default,” Kaspersky said in a recent blog post.

Spyware image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years