Israeli intelligence officers watched Russian hackers use software from Moscow-based cybersecurity firm Kaspersky Lab to search for U.S. secrets, the New York Times reports.
The hackers reportedly searched computers across the globe for the code names of U.S. intelligence programs.
Citing current and former government officials who spoke on condition of anonymity, the report says that Israeli officials who had hacked into Kaspersky’s network alerted their U.S. counterparts. The intrusion, which was detected more than two years ago, prompted the U.S. Government’s recent decision to ditch Kaspersky Lab software, the Times said.
The Russian operation reportedly stole classified documents from a NSA employee. The documents were improperly stored on the employee’s home computer, on which Kaspersky Lab software was installed, according to the New York Times.
The Wall Street Journal reported last week that Russian hackers used Kaspersky Lab software installed on a NSA contractor’s computer to steal sensitive information. However, the role of Israeli intelligence in uncovering that intrusion and Russian hackers’ broader use of Kaspersky software in the search for U.S. secrets was not previously known, the New York Times said.
The NSA declined to comment on this story when contacted by Fox News.
Last month the Department of Homeland Security banned federal agencies and departments from using Kaspersky Lab products, citing national security concerns. U.S. officials, who alleged ties between the company and Russian intelligence, gave American government agencies and departments 90 days to get rid of Kaspersky Lab software.
Kaspersky Lab has repeatedly denied the allegations that its products are a threat to U.S. national security, a message it reiterated following the New York Times report. “Kaspersky Lab was not involved in and does not possess any knowledge of the situation in question,” it said, in a statement emailed to Fox News. “As the integrity of our products is fundamental to our business, Kaspersky Lab patches any vulnerabilities it identifies or that are reported to the company.”
“Kaspersky Lab reiterates its willingness to work alongside U.S. authorities to address any concerns they may have about its products as well as its systems, and respectfully requests any relevant, verifiable information that would help the company in its own investigation to certifiably refute the false accusations,” it added.
The Russian and Israeli governments have not yet responded to a request for comment on this story from Fox News.
Attention is now focused on a mysterious 2015 cyberattack on Kaspersky Lab. A report released by the company in June of that year described the attack as a variant of the existing ‘Duqu’ malware, which it dubbed ‘Duqu 2.0’. While Kasperky Lab’s report made no reference to Israel, security experts have drawn comparisons between Duqu and the Stuxnet worm that crippled Iran's nuclear production in 2010. The U.S. and Israel have been linked to the development of Stuxnet.
“With regards to unverified assertions that this situation relates to Duqu2, a sophisticated cyber-attack of which Kaspersky Lab was not the only target, we are confident that we have identified and removed all of the infections that happened during that incident,” said Kaspersky Lab, in its statement emailed to Fox News. “Kaspersky Lab publicly reported the attack, and the company offered its assistance to affected or interested organizations to help mitigate this threat.”
Nonetheless, the New York Times report of “spies watching spies watching spies” keeps Kaspersky Lab firmly in the cybersecurity spotlight at a time when U.S. lawmakers are closely scrutinizing the Russian company.
Sen. Jeanne Shaheen, D-N.H, has been a vocal critic of federal government’s use of Kaspersky Lab products. Following the Wall Street Journal report last week, Shaheen wrote a letter to the leadership of the Senate Armed Services Committee requesting a hearing on the matter. Shaheen is a member of the Armed Services Committee.
Follow James Rogers on Twitter @jamesjrogers