US cyber espionage secrets reportedly hacked through Kaspersky software

Dive Brief:

The National Security Agency (NSA) revealed a 2015 Russian-based hack, which took place after an NSA contractor uploaded classified data on his home computer, reports the Wall Street Journal. Hackers accessed information about how the U.S. infiltrates international networks and how the NSA guards itself from foreign cyber intrusions.
Sources the Journal spoke to who are close to the matter believe Russian actors accessed the material through Kaspersky Labs software on the contractor's home computer, which would be the first known case of Kaspersky espionage, according to the report. It is believed the presence of the software tipped an alert to Russian hackers.
The attack was discovered in spring of 2016, but the magnitude is unknown to the public. The Journal reports it could be "one of the most significant security breaches in recent years."

Dive Insight:

The Department of Homeland Security (DHS) issued a ban on Kaspersky Labs products in federal agencies in September. Investigators including the FBI warned against the potential espionage the software can introduce to a device.

Agencies were instructed to remove the antivirus products within 90 days of the order, but Kaspersky Labs vehemently denies claims it has Kremlin ties. Still, the allegations were enough for U.S.-based retailers like Best Buy and Office Depot to discontinue business with the software company. The retailers are offering customers free removal and an alternative security software replacement.

Dissecting the recent WSJ story: С-movie script and yes, we're proud of aggressively protecting our users ⇒ https://t.co/qg6ZkHCkvV
— Eugene Kaspersky (@e_kaspersky) October 5, 2017

No public reports regarding Kaspersky espionage had been disclosed until Thursday. The federal government's decision to remove Kaspersky products from its networks was not a decision applicable to the private sector.

A representative from the DHS' cybersecurity unit said the agency will help the private sector make decisions over Kaspersky products, but companies ultimately have "to make their own risk management decision."