New N.S.A. Breach Linked to Popular Russian Antivirus Software
WASHINGTON — In the latest case of an insider removing sensitive data from the nation’s largest intelligence agency, Russian hackers obtained classified documents that a National Security Agency employee had taken and stored on his home computer. Investigators believe the hackers may have penetrated the computer by exploiting Kaspersky Lab antivirus software, a Russian brand widely used around the world, that the employee was using, according to officials briefed on the matter.
The highly classified material involved the agency’s techniques for breaking into foreign computer networks to collect intelligence, the officials said. The case appears to be separate from a larger breach of security, by a group calling itself the Shadow Brokers, which has been publicly posting samples of the agency’s hacking tools periodically for more than a year. The case was first reported by The Wall Street Journal on Thursday.
Investigators say the employee does not appear to have intended to let the sensitive cybertools escape to the outside world. Officials believe he took the material home — an egregious violation of agency rules and the law — because he wanted to refer to it as he worked on his résumé. The maker of the antivirus software installed on his home computer, Kaspersky Lab, is a Russian company that American security officials have long feared may cooperate with, or be infiltrated by, the Russian government.