The NSA and GCHQ targeted the makers of widely used antivirus software in order to find ways to bypass the programs’ protections, according to newly leaked documents obtained by former NSA contractor Edward Snowden.
GCHQ had a particular focus on Russian antivirus maker Kaspersky Lab, and even obtained warrants for the reverse-engineering of Kaspersky’s software because it feared the activity might otherwise be “unlawful”.
The warrants were issued by the Foreign Secretary under the UK’s Intelligence Services Act 1994 Section 5, giving GCHQ permission to modify commercial software to “enable intercept, decryption and other related tasks”.
GCHQ said in another memo that personal security products such as Kaspersky’s posed a “challenge” to the agency’s Computer Network Exploitation (CNE) capability. “SRE (software reverse-engineering) is essential in order to be able to exploit such software and to prevent detection of our activities,” the memo stated.
The Intercept argued that the warrants are “legally questionable on several grounds”, in part because the law upon which they are based makes reference to interference with property and communications systems but not intellectual property.
A slide from an NSA presentation lists at least 23 IT security software makers that the agency targeted, including Finland’s F-Secure, Slovakia’s Eset, Czech Republic’s Avast and Romania’s Bit-Defender. US firms Symantec and McAfee and the UK’s Sophos were not listed.
In addition to reverse engineering, the agencies also intercepted communications sent to companies including Kaspersky in order to identify newly reported vulnerabilities that might be used to help gain access to target systems, according to the report.
The spy agencies also reportedly reverse-engineered CheckPoint firewall software and commercial encryption programs such as CrypticDisk and Acer’s eDataSecurity, as well as Cisco routers, modifying some routers in order to “re-route selective traffic” into data collection systems.
Earlier this month Kaspersky said it was hacked last year by the Stuxnet and Duqu gangs, which transferred data from the company’s network over a period of several months.
Kaspersky says its software protects more than 400 million users worldwide.
Are you a security pro? Try our quiz!
Industry supply chain analyst says Apple cut orders for the iPhone 16 for Q4 2024…
Heavy fine for LinkedIn, after Irish data protection watchdog cites GDPR violations with people's personal…
UK competition regulator begins phase one investigation into Alphabet's partnership with AI startup Anthropic
After alerting the US of an attempt to circumvent US export controls, TSMC halts chip…
Fresh win for Intel after Europe top court upholds annulment of billion-euro antitrust fine imposed…
News Corp surprises Perplexity, after the media group sued the AI search engine for allegedly…