Kaspersky tip led to NSA arrest

The National Security Agency discovered what has been called the largest breach of classified data in its history after a tip from a Russian cybersecurity firm that the U.S. government has banned from its networks as a spy threat, according to people familiar with the matter.

Federal prosecutors in August 2016 arrested a former National Security Agency contractor, Harold Martin, accusing him of taking home without permission at least 50 terabytes of data -- the rough equivalent of 500 million pages of material -- that included highly sensitive hacking tools.

But it was not the agency's enhanced vigilance that led to Martin's arrest at his home in Glen Burnie, Md.

Rather, earlier that month, Moscow-based Kaspersky Lab notified the agency that it had received some strange Twitter messages from Martin seeking to speak with Kaspersky's founder, along with a cryptic comment, "shelf life, three weeks," according to two people familiar with the matter, who spoke on the condition of anonymity to discuss an ongoing investigation.

The messages were sent shortly before a large online release of National Security Agency hacking tools, according to a court document made public last month. The coincidence startled the Kaspersky researchers who received the messages, and through Internet sleuthing they figured out who Martin was.

Both the court document and Kaspersky's role in alerting the National Security Agency were first reported by Politico.

The release of agency tools by a group calling itself The Shadow Brokers rattled the agency, and suspicion immediately fell upon Martin, who had access to the NSA's elite hacking unit.

However, while U.S. intelligence officials said they have long believed The Shadow Brokers group is linked to Russian intelligence, no evidence has emerged publicly in Martin's case to suggest he was the group's source. Martin, who is in plea negotiations over charges of willful retention of national defense information and theft of government property, is not facing accusations that he transmitted classified material to any unauthorized recipient.

For years, U.S. intelligence agencies suspected that Kaspersky Lab, founded by Eugene Kaspersky, a graduate of a KGB-supported cryptography school, was enabling Russian espionage. In early 2015, the firm issued a report on an espionage operation run by an entity the firm dubbed The Equation Group that was widely understood to be the NSA. The report revealed NSA tools and capabilities, causing great concern within the agency and President Barack Obama's administration.

Then in September 2017, the U.S. government moved to ban the use of Kaspersky software by federal agencies over concerns the company's software could enable Russian spying. Kaspersky has issued public statements denying it helps any government with cyberespionage.

Business on 01/10/2019
