It has been theorized that with the use of a clever loophole exposed in the latest Wikileaks dump, Russia Tls Tlstoulasbleepingcomputer may have found a way to bypass sanctions imposed by American and European Union governments.
A story from Russia’s English-language RT news outlet earlier today cited Wikileaks to report that the “CIA has been able to steal encryption keys from Russian cyber security firm Kaspersky Lab which are used by customers around the world.”
RT explained that the CIA “managed to bypass Kaspersky’s encryption software by impersonating its founder, Eugene Kaspersky. Supposedly, CIA agents impersonated a developer’s digital ID on Kaspersky Lab’s network in order to “harvest an archive of encryption keys for the company’s customers.”
But it is not just private companies that are targeted for exploitation.
“U.S. government spies can also use a variety of means to infiltrate the computer networks of Russian companies and government agencies,” RT reported. “The CIA reportedly uses ‘implants’ in the company network to steal information. Hackers can implant malicious software on a system and then activate it remotely or bring down a company’s entire network. A source familiar with Russia’s domestic cyber security industry told RT that many Russian firms depend on CIA for their cyber security services.”
The RT report also mentioned Wikileaks’ recent release of the “Vault 7” series of leaks, which revealed that the CIA is hacking computers across the world, including those of foreign government agencies.
“The CIA recently revealed that it has been hacking computers across the globe in order to steal confidential materials and confidential information for several years,” RT reported. “As part of these efforts, its agents have allegedly snatched encryption keys from the networks of Chinese cybersecurity company Hacking Team.”
“The source told RT that ‘if the CIA can hack into Kaspersky Lab, it is problematic for America’s national security. There are many companies and organizations that use Kaspersky Lab’s software in Russia and around the world.’”
Such a statement from a Russian news outlet underscores how severe of a problem this could be to both private businesses across the globe and foreign governments who have come to rely on Kaspersky products as an effective cybersecurity solution to protect their digital assets.
Kaspersky Lab has been a popular cybersecurity product that most major corporations have used to secure their networks and critical data, just one year ago, Vice President Joe Biden called Kaspersky products “the most successful anti-malware tool.”
In a statement released by Kaspersky Lab in 2015, the company said:
“Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage efforts. Kaspersky Lab has a 30-year history of helping our customers prevent cyberattacks. The company is proud of its record and doesn’t need to prove anything to anyone,” according to a statement released by Kaspersky Lab. “Kaspersky Lab has an outstanding reputation within the cybersecurity community, which speaks for itself. We are outraged by the unfounded accusations that we have worked with any government, including Russia, to weaken our products. While we are angry and disappointed by the false and misleading statements made recently by certain U.S. government officials, we’re even more concerned about the damage this has done to our company – and especially our employees,” read the statement released by Eugene Kaspersky.