Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Businesses Government The Almighty Buck Politics

Israeli Spies 'Watched Russian Agents Breach Kaspersky Software' (bbc.com) 194

Israeli spies looked on as Russian hackers breached Kaspersky cyber-security software two years ago, according to reports. From a report: The Russians were allegedly attempting to gather data on US intelligence programs, according to the New York Times and Washington Post. Israeli agents made the discovery after breaching the software themselves. Kaspersky has said it was neither involved in nor aware of the situation and denies collusion with authorities. Last month, the US government decided to stop using the Russian firm's software on its computers. The Israelis are said to have notified the US, which led to the ban on Kaspersky programs. The New York Times said that the situation had been described by "multiple people who have been briefed on the matter."
This discussion has been archived. No new comments can be posted.

Israeli Spies 'Watched Russian Agents Breach Kaspersky Software'

Comments Filter:
  • by Anonymous Coward on Wednesday October 11, 2017 @09:21AM (#55349337)

    So Israel was spying on the US and saw that Russia was spying on the US.
    Great. Wish they'd both die in a fire.

    • by jedidiah ( 1196 ) on Wednesday October 11, 2017 @09:23AM (#55349353) Homepage

      It's kind of like that time that particularly famous traitor aired our own dirty laundry and it turned out that we spy on all of our allies.

      • by nagora ( 177841 ) on Wednesday October 11, 2017 @10:39AM (#55349841)
        We need more traitors like him to protect us from assholes like you who would sell us all down the river for any bastard wrapped in a flag.
      • by higuita ( 129722 )

        s/traitor/hero/

        That should fix it

    • by VocationalZero ( 1306233 ) on Wednesday October 11, 2017 @09:34AM (#55349433) Journal
      The Israelis notified the US that they were able to breach Kaspersky on their systems. The Russians did not. Speaks a lot about the intent. Not sure how you missed that.
      • Re: (Score:1, Interesting)

        by Anonymous Coward

        But they didn't report the security flaw to Kaspersky??

      • Re: (Score:1, Insightful)

        by Anonymous Coward

        The Israelis notified the US that they were able to breach Kaspersky on their systems. The Russians did not. Speaks a lot about the intent. Not sure how you missed that.

        Yeah, like that time I told my friend that I fucked his wife when he wasn't around.
        He was super upset and then I'm all like, "Well, at least I told you, unlike your brother."
        See, it's all about intent with these things.

      • Hi Neighbor. As I was breaking into your house to "borrow" a few beers, I noticed someone had already broken in. You might wanna get that lock fixed. You're welcome.
        • by VocationalZero ( 1306233 ) on Wednesday October 11, 2017 @11:26AM (#55350275) Journal
          I can't say I'm a fan of arguments using heavy-handed, over-simplified analogies, this one included. Seems more like a false equivalence.

          Your timeline is wrong, and you are basically stating that the Israelis were only there to steal information from the US. Do you actually know this, or is this just pessimistic conjecture?

          Even if they were only there initially to steal data (big if), we live in a world where everyone spies on everyone. It is what spy agencies do, it is their entire purpose. It makes no sense to expect not to be spied on, but it does make sense that allied agencies would inform you if non-allied agencies are successfully intruding into your systems.
          • Hi neighbour. You should really get your money out of First National. We didn’t rate their security at all when we cleaned them out.

            • A more apt analogy would be:

              Hi neighbor. You should really stop using Equifax. We were able to break in easily, and noticed other people were as well. By the way, your Equifax data has (obviously) been compromised. Might want to look into that.
      • It tells me that the Israelis had some other route into US secret areas and weren't concerned about losing the loophole they were looking for in Kaspersky. So they could harm the country most of their immigrants (around 1 in 8 of the population) come from while helping the country that most of their arms come from (if you believe both sides' propaganda). I bet that decision had to go up to quite senior levels.
    • by Anonymous Coward

      Uhh did you read the fucking summary, you fucking imbecile?

      They were spying on Russia. They notified the US. The only reason you might be upset is if you are a Russian...

      • by Anonymous Coward

        Russians, on Slashdot? I'm shocked, shocked I tell you. Please say it ain't so. Next you'll be saying they pretend to be American or Canadian or Polish or British. No this is impossible, my mind cannot accept it.

      • Didn't you know? Since November of 2016 everyone in the US is Russian.

    • by cb88 ( 1410145 )
      "The Israelis are said to have notified the US"

      No, they had our back...
    • by alexo ( 9335 )

      And since the US spies on all of it's allies, should they die in a fire as well?

    • by gtall ( 79522 )

      Whatever. Spying performs a perfectly fine function, preventing surprises and believing your biases. Think of it as data collection for a theory about the "other side". Would you rather Russia have no information about U.S. military programs? Those well-adjusted, non-paranoiac KBG retreads?

  • If Kaspersky did not know. Its not like Russia has a free press to investigate those things. Oh crap.

  • Any AV vendor (Score:5, Insightful)

    by xxxJonBoyxxx ( 565205 ) on Wednesday October 11, 2017 @09:24AM (#55349367)
    Part of the reason I've always felt nervous installing AV or anything else that wanted to run at or near kernel is exactly this: at least one third party is "in" my system...and if that third party goes sideways then the rest of my defenses aren't worth much. (e.g. is your IDS really going to flag a 10% traffic increase to your AV vendor from your AV software?)
    • by Opportunist ( 166417 ) on Wednesday October 11, 2017 @09:33AM (#55349431)

      Once you realize you install it on Windows 10, you start to relax again. It's like having a ticking bomb in a plane that lost its tail and is plummeting towards the ground with a few 100 mph. Does it matter that there's a ticking bomb next to you?

      • by account_deleted ( 4530225 ) on Wednesday October 11, 2017 @09:50AM (#55349525)
        Comment removed based on user account deletion
        • When the bomb issues you a ticket, does it explode, too?

        • I know, I know, but try to argue that with the TSA idiots. No clue about statistics but think they're king of the airport.

        • Ticketing bombshells, maybe. I remember when all flight attendants were gay or super hot.
          • Last time I flew with Delta I felt like I stepped into a time machine. The seats looked like out of a 70s airplane catastrophe movie and the beehive hairdo of the attendants didn't really comfort me either.

            When that tech looked at the engine shook his head and went away I wanted to get off.

      • by freax ( 80371 )

        The plane crash probably kills me, the bomb exploding definitely kills me. Yes it matters: there is a small difference between probably and definitely.

        However, with Win10 it's the other way around: there is a bomb exploding while your plane lost its tail and is plummeting down. Given that the explosion of the bomb already killed you, do you still care that the remainder of the plane is crashing?

    • by anegg ( 1390659 )

      Given the seemingly substantial increase in the risk that computer users cannot trust software that they have acquired regardless of source, what needs to change about the architecture and/or operation of computer systems (hardware and/or software) to reduce this risk? The risk has always been present, but the threat appears to have increased significantly (by which I mean that there is a greater probability that someone is trying to attack through this attack vector), which increases the risk accordingly.

  • by Sarcasmooo! ( 267601 ) on Wednesday October 11, 2017 @09:25AM (#55349387)

    Here's an old story [wired.com] you might find apolitically interesting. We knew way before the election that Kaspersky was KGB trained and a Putin loyalist. You can read my comment history of you're an actual skeptic rather than a Russian botnik. But I also recommend anyone who doubts Putin's viciousness to hear the story of how he murdered his way into office from this PBS Documentary [youtu.be].

    As a sidenote, I'm a slashdot reader from more than a decade ago, and I've been really disappointed to see the amount of denialism present on this issue. I remember this as a place for pragmatic, intelligent, realistic people. And here's the reality: Putin is at war with you, he doesn't give a shit about you or your family or even his own citizens' families, and he actively hopes that you are confused about what he is doing, or denying it entirely.

    • Re: (Score:3, Insightful)

      by Anonymous Coward
      Brace yourself for the hysterics, e tu quoque, and false equivalences. Get ready for more demands of absolute proof, and probably some ad hom attacks while they're at it.
  • Seriously, if something like this came up in a cheesy 80s action show I'd switch channel.

  • Occam's Razor (Score:5, Insightful)

    by chill ( 34294 ) on Wednesday October 11, 2017 @09:39AM (#55349461) Journal

    Kaspersky's AV solutions scan files, and transmit data back to their servers if found to be malware. If nothing else, they can send back lists of files on machines that are scanned, etc.

    The transmission is done thru TLS-encrypted channels.

    The Russian Government, like most major governments, do their best to monitor all of the traffic they can. See the recent Wikileaks documents on "Peter-Service" for some details.

    If the Russian gov't has obtained, one way or another, copies of Kaspersky's TLS keys, then they really don't need cooperation to see everything that's coming down the pipe. They can also probably MITM the connection and take control of the AV application, without Kaspersky's knowledge.

    It is called "plausible deniability" for Kaspersky and fairly trivial in a country where the use of strong encryption requires a license from the gov't.

    There are numerous current news articles about our (American) Justice Department is salivating over the possibility of that being possible in the U.S.

    • If the Russian gov't has obtained, one way or another, copies of Kaspersky's TLS keys, then they really don't need cooperation to see everything that's coming down the pipe. They can also probably MITM the connection and take control of the AV application, without Kaspersky's knowledge.

      That's a very interesting thought, considering that Kaspersky has offered to make their source code available for scrutiny. In the scenario your describe, the vulnerability would arise outside of the code itself.

      • by chill ( 34294 )

        Don't be fooled by offers to make source code available for closed-source products. If they don't deliver the product EVERY TIME with source, that you then compile and use -- instead of the other binary they provide -- it is fairly useless.

        Updated code is/was a popular way to get malware into Google's Play Store for Android. The benign app was vetted by Google, allowing it in. Once installed, it phoned home and installed "updates" that change the function to something more malicious.

        Properly executed MITMs

  • Well, then... (Score:5, Insightful)

    by lhowaf ( 3348065 ) on Wednesday October 11, 2017 @09:40AM (#55349473)
    I trust(ed) Kaspersky more than the Senators bad-mouthing them. They look pretty bad in this light, though. Not because of collusion with the KGB but because their software can't, apparently, protect their own systems. So who can we trust, then? Symantec? McAfee? Windows Defender? Please. It looks like we either have to swallow the fact we're going to be entertaining uninvited guests or we'll have to try to live without our security blankets. It isn't so bad for /. readers but what about those friends and family who are more-and-more at risk? What a stinkhole we've made of the Internet.
    • Kaspersky? Sounds kinda Russian to me!

      They're probably part of RINNT - the Russia Israel Neo Nazi Trump conspiracy!

    • It isn't so bad for /. readers but what about those friends and family who are more-and-more at risk?

      This comment is just bizarre and completely backwards. The only people who care about this stuff are people on places like Slashdot. Friends and family who don't work in IT are not losing any sleep over this at all. I can give you my complete guarantee on that. The people who actually do care are few in number.

      • by lhowaf ( 3348065 )
        The lack of concern by people I care about doesn't mean they are risk-free. The fact they don't care just compounds the problem. What can we recommend? Proxies or VMs? Industrial-strength firewalls? It just isn't going to happen. The best we can do is decide (for them) which is better - the state-sponsored spying or the thieving horde. Some choice. Probably no choice at all.
    • Re:Well, then... (Score:4, Insightful)

      by Gravis Zero ( 934156 ) on Wednesday October 11, 2017 @11:52AM (#55350441)

      So who can we trust, then? Symantec? McAfee? Windows Defender? Please. It looks like we either have to swallow the fact we're going to be entertaining uninvited guests or we'll have to try to live without our security blankets.

      You can't trust Microsoft to start with, so stop using their products. Linux or one of the BSDs are far more trustworthy.

      Windows is your "security blanket", not the AV product.

    • by Hentes ( 2461350 )

      Yep, if true this sounds really bad. I've got to say though that the agencies should've at least tried to notify Kaspersky of the breach without giving away too much just to see how they react. That would've made things clearer. But in the end it doesn't matter whether through malice or incompetence, if this is true this means Kaspersky isn't just sending your data to the Russians but also the Israelis, making it even worse. I wonder who else managed to hack them. Personally I use Clam on a liveCD to scan m

    • Comment removed based on user account deletion
  • by lbmouse ( 473316 ) on Wednesday October 11, 2017 @09:54AM (#55349545) Homepage
    No matter how you spin this there is no way for Kapersky to come out of this whole mess OK.
  • The best way to be protected is to ignore the problems... so says the Symantec CEO https://yro.slashdot.org/story... [slashdot.org]
  • Comment removed based on user account deletion
  • Are you sure it wasnâ(TM)t Israeli agents? Easy to watch them if youâ(TM)re standing in the same room.
  • Comment removed based on user account deletion
  • Quis custodiet ipsos custodes?

  • In related news ... (Score:4, Informative)

    by PPH ( 736903 ) on Wednesday October 11, 2017 @11:10AM (#55350117)

    ... an Israeli company announces it's new anti-virus [israel21c.org] product.

  • by rbrander ( 73222 ) on Wednesday October 11, 2017 @03:38PM (#55352097) Homepage

    Man, if you`re a nation of 350 million people who invented the Internet and have a larger security budget than the rest of the world put together, it must totally burn you to be hacked by a half-starved, half-drunk nation of 150 million.

    But not as much as being told about it by a nation of 8 million.

    Guys, we don`t agree with all your foreign adventurism and neo-colonialism, but if you`re going to run around the planet just making enemies hand-over-mailed-fist, you really need to up your cybersecurity game. You have WAY too many of your human IT resources trying to figure out how to out-snapchat SnapChat.

    And hire Snowden back. That guy could run a computer.

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (10) Sorry, but that's too useful.

Working...