Tools can be stolen. In fact, if we're claiming whoever did this was a super-genius, they would have stolen or spoofed the tools they used to point at someone else. Unless they were Russia being so clever they were pretending to be someone pretending to be Russia!
Edit: Your link shows Kaspersky Labs making the claim that this was the FSB. Yet the West also claims Kaspersky is controlled by FSB! Well, you could say "they should know". Or maybe they want to humor the West so their ban will be lifted. Or maybe they aren't controlled by the FSB at all. But if the West can't figure that out, how do they expect to figure out the true origin of the hack?
How do you think FSB "came back" to the machine of the NSA malware developer who's in the USA? I think that's exactly what is not plausible. He surely isn't going to open a trojan named isthatyou.jpg.exe in the e-mail sent by them to him. He actually made such stuff (trojans or something) himself as he let Kaspersky's software automatically collect the sample of his "work in progress." Now the unnamed government sources "leak" this as a case of apparent "Russian hackers" whereas the only known hackers in the story are the NSA and Israel's hackers who hacked the office computers of Kaspersky. Kaspersky's software just did what other antivirus software does too.
This is a truly excellent point given that Kaspersky Labs are called FSB asset. Maybe this was the attacker letting people off. Putin said that actions are by patriotic freelancers (hack elections etc). I did not think anPetya was officially sanctioned/orchestrated until Rosneft statement sounding like some lary Soviet-era propaganda. But who has windows media lying around these days? And who cares if it is only being tasked by Putin tacitly? This is what non-linear war looks like.
My recollection was that he had samples of NSA malware on his computer, that Kaspersky detected this, and that shortly afterwards he was directly targeted by Russian state hackers.
It was not so much that Kaspersky was acting as malware, but that they were sending tips to the FSB.
Imagine you are the head of the security apparatus in a totalitarian regime and you find out that a well respected international company from your country produces a piece of software that is installed in millions of computers over the world with admin privileges. Wouldn’t you lean on them? How can you not?
I have lived under a totalitarian regime (not Russia) and I can tell you that the security apparatus doesn’t fuck around. There is no asking, only cooperation, or else...
The Russians are also good at spook games, I mean, the dude is KGB trained. They don’t need to compromise the source code with backdoors that someone can find, they just ask Kaspersky to be a tiny bit more aggressive in their sample vacuuming for example. Or they just don’t do anything and sit on it, knowing that one day they can call to collect.
I personally believe Kaspersky is compromised, IMHO. I just don’t see a way that it can’t be.
Weaponized hacking complicates things. You don't know to which extent Kaspersky cooperates with the FSB or even whether there isn't someone from the FSB working covertly for them, implementing backdoors.
OK, so the article claims Kaspersky developed software that FSB uses and helped them to do whatever they do. Now, how evil is that?
Well, I may have developed software that FSB uses too. I don't know for sure, but I participated in a number of widely used open source projects, and given how big FSB is, it's not impossible somebody somewhere there uses one of them. Thus, I apparently am kinda Russian spy?
Also, Kaspersky cooperated with FSB in their enforcement activities. Nothing a US security company would ever do, I mean cooperating with law enforcement? Are you kidding me?! OK, FSB is not your common law enforcement. Probably not all of these activities are what we'd call good, and some of them what we'd call pure evil. But using somebody's technical expertise does not automatically make all products by that company somehow insecure. If they specifically did the evil stuff - yes, maybe - but then dig up which stuff they did and show the specifics! So far the only specific activity mentioned was fighting DDoSers, which is not exactly evil.[1]
I mean, maybe Kaspersky is a Kremlin puppet. Or maybe not. I haven't the slightest idea. Maybe it's a good idea not to use software from the company which is in a total grasp (as any company in Russia) of a large geopolitical foe for critical infrastructure. Certainly sounds like a good idea. But this article spends so much text on not adding anything to this obvious idea but vague innuendo and describing common things in menacing tone. Very common to the general journalistic treatment of the Red Scare 2.0 we're observing right now and it gets more tiresome by the day. I'm not even defending Kaspersky here, I am defending minimal standards in reporting tech stuff.
OK, if "CIA impersonated Kaspersky" it is of course implied they stole the NSA tools to frame benign Russian government. NSA tools were revealed by Wikileaks in "Vault 7". This revelation comes as WL's "Vault 8".
Does that mean WL got Vault 7 from CIA and Vault 8 from Russian FSB?
Too bad the article doesn't mention that Kaspersky actually is very closely tied with the FSB (i.e. KGB) - most likely he works for them. That doesn't mean the original article is untrue - just that the 'research' really comes from Russian spies.
"Kaspersky’s rise is particularly notable—and to some, downright troubling—given his KGB-sponsored training, his tenure as a Soviet intelligence officer, his alliance with Vladimir Putin’s regime, and his deep and ongoing relationship with Russia’s Federal Security Service, or FSB."
They're fair game as far as I'm concerned, considering the things they've done in the past. They're not this innocent tech company morally above the dirty games nation states play. They're an active participant. Pretty much every "important" industry in Russia is controlled by the Putin administration and is a tool of it. See how the founder of VK didn't want to play ball and had to flee the country. Now VK is run by Putin stooges.
There's not a lot of attribution going on here, though. Take the WaPo story, they just tell us what's possible and leave us to draw conclusions ourselves -
“That’s the crux of the matter,” said one industry official who received the briefing. “Whether Kaspersky is working directly for the Russian government or not doesn’t matter; their Internet service providers are subject to monitoring. So virtually anything shared with Kaspersky could become the property of the Russian government.”
Late last month, the National Intelligence Council completed a classified report that it shared with NATO allies concluding that the FSB had “probable access” to Kaspersky customer databases and source code. That access, it concluded, could help enable cyberattacks against U.S. government, commercial and industrial control networks.
You're thinking Kaspersky has ties with Kremlin, and, after an apparent lack of belief in authenticity (even after inserting comically bad Slavic-person-speaks-bad-English phrases in their "ad") they worked together on writing an "analysis" to bolster the authenticity. So the world believes that this is bona fide stuff?
> I think it's clear Russia uses Kaspersky to make western intelligence look bad. It's more demoralizing to have an AV vendor point this stuff out than one's own security apparatus and it's a good cover for the FSB's own hacking. Wired has written about the FSB/Kaspersky connection
This seems like the most relevant part -- it's not that Kaspersky is THAT much better, but that they have a lot of help from the state, which has way more resources than an anti-virus company. How much of that is true, I have no idea.
Also, "free" in the way you use it is a pretty shaky concept: In theory, you're "free" to record police officers acting in the course of their duty, but that doesn't mean the authorities won't ruin your life because of it. (To say nothing of how eerily easy it is for the government to issue gag orders.)
I think they're suggesting that a Russian security service (FSB?) might have asked Kaspersky to sit on it until the time was right. I don't think they were referring to the CIA, since yeah, that wouldn't make much sense.
It seems very plausible that the FSB is using Kaspersky to alert them every time the software finds something of interest. It would then make further sense that the FSB would locate the target and investigate. It's probably how they found this NSA employee's PC. Entry to the device was probably rather simple since they already had some level of access through the Kaspersky product.
Quite brilliant to use a popular Anti Virus software to scan millions of computers for interesting software. The FSB probably couldn't believe its luck when they found this target. I am in disbelief that the US Government would even use Kaspersky in the first place. I am just a simple consumer and would never trust their software knowing how the Russian system operates. There is no such thing as independence from oversight.
Leave it to the Jews to figure all this out. Super smart, it's in their genetics.....Bravo...
"A riddle wrapped in mystery, inside an enigma"