Categories: Security

Snowden: NSA And GCHQ ‘Targeted’ Security Firms

The NSA and GCHQ targeted the makers of widely used antivirus software in order to find ways to bypass the programs’ protections, according to newly leaked documents obtained by former NSA contractor Edward Snowden.

GCHQ had a particular focus on Russian antivirus maker Kaspersky Lab, and even obtained warrants for the reverse-engineering of Kaspersky’s software because it feared the activity might otherwise be “unlawful”.

Neutralising security

“Reverse engineering of commercial products needs to be warranted in order to be lawful,” read a 2009 GCHQ memo published by The Intercept, an online publication launched last year with a focus on the Snowden documents. “There is a risk that in the unlikely event of a challenge by the copyright owner or licensor, the courts would, in the absence of a legal authorisation, hold that such activity was unlawful.”

The warrants were issued by the Foreign Secretary under the UK’s Intelligence Services Act 1994 Section 5, giving GCHQ permission to modify commercial software to “enable intercept, decryption and other related tasks”.

GCHQ said in another memo that personal security products such as Kaspersky’s posed a “challenge” to the agency’s Computer Network Exploitation (CNE) capability. “SRE (software reverse-engineering) is essential in order to be able to exploit such software and to prevent detection of our activities,” the memo stated.

The Intercept argued that the warrants are “legally questionable on several grounds”, in part because the law upon which they are based makes reference to interference with property and communications systems but not intellectual property.

A slide from an NSA presentation lists at least 23 IT security software makers that the agency targeted, including Finland’s F-Secure, Slovakia’s Eset, Czech Republic’s Avast and Romania’s Bit-Defender. US firms Symantec and McAfee and the UK’s Sophos were not listed.

Communications intercepted

In addition to reverse engineering, the agencies also intercepted communications sent to companies including Kaspersky in order to identify newly reported vulnerabilities that might be used to help gain access to target systems, according to the report.

The spy agencies also reportedly reverse-engineered CheckPoint firewall software and commercial encryption programs such as CrypticDisk and Acer’s eDataSecurity, as well as Cisco routers, modifying some routers in order to “re-route selective traffic” into data collection systems.

Earlier this month Kaspersky said it was hacked last year by the Stuxnet and Duqu gangs, which transferred data from the company’s network over a period of several months.

Kaspersky says its software protects more than 400 million users worldwide.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Wisk Plans Autonomous Air Taxi Flights By Decade’s End

Boeing-owned start-up Wisk plans autonomous eVTOL flights by end of decade as companies crowd into…

8 hours ago

US Cracks Down On Tech Shipments To Russia

Shipments of high-end chips and other electronics to Russia via China and Hong Kong said…

9 hours ago

Double-Digit Growth For Google Expected Amidst AI Push

Google expected to see double-digit revenue and profit growth for second quarter amidst AI cloud…

9 hours ago

Xiaomi Entered EV Market ‘Due To US Sanctions’

Xiaomi chief executive says he decided to begin making electric vehicles after company was placed…

10 hours ago

Nvidia Said To Develop ‘Blackwell’ AI Chip For China

Nvidia said to be developing version of next-gen 'Blackwell' AI chip for China market as…

10 hours ago

NHS Delays Continue After Windows Outage

Patients told to expect delays into this week as disruption to EMIS booking system leads…

1 day ago