You are here: Home » International » News » Others
Business Standard

Russian hackers said to steal cyber programmes from NSA Contractor

Martin's case followed the 2013 revelations of Edward Snowden, who fled his job as an NSA contractor in Hawaii for Hong Kong

Chris Strohm | Bloomberg 

Photo: Reuters
Photo: Reuters

obtained classified information about after breaching a personal computer used by an agency contractor in 2015, according to a person familiar with the matter.
The contractor, who wasn’t identified, took the classified material home, where stole it by exploiting vulnerabilities in software that he had on his computer, according to the person, who asked not to be identified.

The breach, first reported by the Wall Street Journal, is the latest to plague the NSA involving the use of government contractors. Harold Martin, who was contracted to work at the NSA, was arrested last year and told investigators that he knowingly took home documents and digital files that contained highly classified information.
Martin’s case followed the 2013 revelations of Edward Snowden, who fled his job as an in Hawaii for Hong Kong and then Russia after stealing and releasing a trove of data on classified US data-collection programmes.
While both Martin and Snowden were employed by Booz Allen Hamilton Holding Corp., the official wouldn’t say who employed the contractor in the latest breach.
The NSA, which monitors, collects and processes the most classified communications data for national security purposes, wouldn’t confirm or deny that the incident occurred but said in a statement that it has taken steps to improve its security.
"For the past several years we have continued to build on internal security improvements while carrying out the mission to defend the nation and our allies around the clock," the NSA said. "We’re not relying on only one initiative. Instead, we’ve undertaken a comprehensive and layered set of enterprise defensive measures to further safeguard operations and advance best practices across the intelligence community."
The US government last month banned all use of software in federal information systems, citing concerns about the Moscow-based security firm’s links to the Russian government and espionage efforts.
According to a Homeland Security Department directive, all US agencies were required to identify any Kaspersky products they have used within 30 days and to develop plans to discontinue their use.
“This action is based on the information security risks presented by the use of Kaspersky products,” the DHS said in a statement at the time. “The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security.”
Kaspersky denied “inappropriate ties with any government” and criticized the US decision to ban its software as “based on false allegations and inaccurate assumptions, including claims about the impact of Russian regulations and policies.”
Responding to the NSA breach on Thursday, Kaspersky said in a statement on its website that it "has not been provided any evidence substantiating the company’s involvement in the alleged incident."

First Published: Sat, October 07 2017. 03:51 IST