Israeli intelligence officials warned the United States about Russian hackers breaking into their information security, using Kaspersky Lab antivirus software.
The U.S. government recently prohibited federal agencies from using the company’s products, a software used by 400 million people globally, after it emerged that Russian operators had morphed the program into a search engine for sensitive information, The New York Times reported on Tuesday. The classified data was then extracted back to Russian intelligence systems.
The Israeli officials who had hacked into Kaspersky’s network over two years ago became suspicious, after discovering evidence that Russian hackers were accessing classified U.S. programs through the computers of Kaspersky Lab, a Moscow-based cybersecurity firm.
Israel then warned their U.S. counterparts of the Russian intrusion and alarmed officials immediately began a hunt for the breach. That led to a decision in Washington to order Kaspersky software being removed from government computers for facilitating Russian espionage.
The New York Times reported that the Russian operation, according to sources familiar with the breach, is known to have stolen classified documents from the home computer of an National Security Agency contractor, which had Kaspersky antivirus software installed on it.
Kaspersky Lab denied accusations that it had been involved in the hacking. “Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage efforts,” the company said in a statement. Kaspersky Lab added that it “respectfully requests any relevant, verifiable information that would enable the company to begin an investigation at the earliest opportunity.”
It isn’t clear if employees at Kaspersky were involved in the hacking, or if Russian intelligence agencies exploited the company’s anti-virus software to gain access to U.S. government systems.
The New York Times said that the N.S.A. and the White House declined to comment, as did the Israeli Embassy, while the Russian Embassy did not respond to requests for comment.
This is not the first time that Israel assisted Western countries in defending against global cyberattacks. In November 2015, an Iranian hacking group believed to be affiliated with Iran’s Islamic Revolutionary Guard Corps was crippled by raids carried out by police across Europe after an Israeli-American cybersecurity firm informed them about the group’s activities.