The NSA and GCHQ targeted the makers of widely used antivirus software in order to find ways to bypass the programs’ protections, according to newly leaked documents obtained by former NSA contractor Edward Snowden.
GCHQ had a particular focus on Russian antivirus maker Kaspersky Lab, and even obtained warrants for the reverse-engineering of Kaspersky’s software because it feared the activity might otherwise be “unlawful”.
The warrants were issued by the Foreign Secretary under the UK’s Intelligence Services Act 1994 Section 5, giving GCHQ permission to modify commercial software to “enable intercept, decryption and other related tasks”.
GCHQ said in another memo that personal security products such as Kaspersky’s posed a “challenge” to the agency’s Computer Network Exploitation (CNE) capability. “SRE (software reverse-engineering) is essential in order to be able to exploit such software and to prevent detection of our activities,” the memo stated.
The Intercept argued that the warrants are “legally questionable on several grounds”, in part because the law upon which they are based makes reference to interference with property and communications systems but not intellectual property.
A slide from an NSA presentation lists at least 23 IT security software makers that the agency targeted, including Finland’s F-Secure, Slovakia’s Eset, Czech Republic’s Avast and Romania’s Bit-Defender. US firms Symantec and McAfee and the UK’s Sophos were not listed.
In addition to reverse engineering, the agencies also intercepted communications sent to companies including Kaspersky in order to identify newly reported vulnerabilities that might be used to help gain access to target systems, according to the report.
The spy agencies also reportedly reverse-engineered CheckPoint firewall software and commercial encryption programs such as CrypticDisk and Acer’s eDataSecurity, as well as Cisco routers, modifying some routers in order to “re-route selective traffic” into data collection systems.
Earlier this month Kaspersky said it was hacked last year by the Stuxnet and Duqu gangs, which transferred data from the company’s network over a period of several months.
Kaspersky says its software protects more than 400 million users worldwide.
Are you a security pro? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…