The Wall Street Journal (WSJ) has reported that the NSA suffered a serious breach in 2015 which exposed the agency’s cyber warfare strategy, including its own defenses and methods of attacking foreign networks. According to the report, Russian intelligence is said to be behind the attack, with software from Russia-based cyber security giant Kaspersky labs.
The story, as it is told, goes like this, the data was reportedly taken home by an NSA contractor, who was somehow compromised through their use of Kaspersky’s antivirus software. Although how exactly did this happen is to be explained, speculations that it may be related to the practice of downloading and storing files it thought were suspicious (e.g. malware executables) on its servers is on the rise.
While the methods are unclear, the certainty that there has been a breach is not in question. The WSJ reported that the breach was major enough to be given a code name from the highest levels of the agency and also prompted admonition from them. It occurred sometime in 2015 but was only discovered during the spring of 2016 and was never disclosed.
This is definitely not helping Kaspersky Labs, which has come under heavy fire from the US government and its executive branches in the recent months. This has been mostly due to fears of Russian interference in U.S. affairs which were stoked by innumerable cybersecurity incidents and alleged links to the present administration. The company’s products were also banned from use in both the executive branch and parts of Congress, while Kaspersky continuously denied “inappropriate ties with any government” and maintained that the allegations are unfounded.