Investigators believe that software from Russia’s top cybersecurity firm, Kaspersky Lab, was involved in a theft of top secret National Security Agency intelligence outlining how the US hacks its adversaries, The Wall Street Journal reported Thursday.
And depending on what was stolen, the breach could spell catastrophe for the company.
According to the Journal, an NSA contractor stole and downloaded onto his personal computer highly classified details about how the US penetrates foreign computer networks and defends itself against cyberattacks. (The Washington Post reported the person was not a contractor, but an employee working for the NSA’s elite hacking division known as Tailored Access Operations.)
Russian hackers then stole that intelligence by exploiting the Kaspersky antivirus software the contractor had been running on his computer.
The breach wasn’t discovered until spring 2016, according to the Journal and The Washington Post — nearly one year after the hackers are believed to have gained access to the intelligence.
Kaspersky has denied any involvement in the theft, and it is unclear whether the hackers stole code or documents from the contractor. The latter would prove far more damning for Kaspersky, experts say, especially as it stands accused by the US government of being a tool of the Kremlin.
“Ultimately, this will come down to what was stolen from the computer,” said David Kennedy, a former NSA intelligence analyst who founded the cybersecurity firm TrustedSec.