Russian state hackers stole a collection of National Security Agency (NSA) hacking tools and other documents from the personal computer of an agency contractor who had taken the classified documents home from work, reports The Wall Street Journal.
The reported breach took place in 2015 but wasn’t discovered until spring of last year.
The Journal reports that the hackers identified the documents through Kaspersky Lab antivirus software. The Department of Homeland Security recently barred federal agencies from using Kaspersky Lab products due to security concerns but has been tight-lipped about what intelligence linked the popular, Moscow-based computer security firm to specific intelligence operations.
{mosads}
White House cyber czar Rob Joyce has, however, repeatedly said that the Kaspersky Lab software’s ability to access files on systems could be a potential way to compromise a system.
The Journal story says the breach is unrelated to the Martin incident and it is unclear if the event is related to the ShadowBrokers. The ShadowBrokers releases, however, appear to be of files from 2013 and earlier, two years before the alleged Russian hacking incident.
In a statement on the breach, Sen. Ben Sasse (R-Neb.) said the NSA should re-examine its use of contractors. Contractors have been the apparent sources of a number of intelligence leaks, dating back to Edward Snowden.
“The men and women of the U.S. Intelligence Community are patriots; but, the NSA needs to get its head out of the sand and solve its contractor problem. Russia is a clear adversary in cyberspace and we can’t afford these self-inflicted injuries.”
“This development should serve as a stark warning, not just to the federal government, but to states, local governments, and the American public, of the serious dangers of using Kaspersky software,” said Sen. Jeanne Shaheen (D-N.H.) in a statement on Thursday.
Shaheen has been actively involved in efforts to reduce Kaspersky Lab’s footprint, including a September opinion piece in The New York Times railing against government use.
“The recent order to remove Kaspersky from all federal infrastructure is absolutely necessary, however, the Trump administration should take further steps, including declassifying information on Kaspersky Lab to raise awareness. It’s a disservice to the public and our national security to continue withholding this information,” she later added.
This story was updated at 2:20 p.m.