NSA data thief caught by Kaspersky, not US officials

Report claims the Moscow-based company was contacted by Harold Martin hours before data appeared online

Kaspersky Lab reportedly played a major role in the arrest of the prolific NSA data thief at a time when the company is facing increasing pressure from the US over its alleged ties to the Russian government.

The revelation suggests that the arrest of Harold T. Martin III, a former NSA contractor, was the result of a tip-off from Kaspersky rather than through the US government's own monitoring systems.

The arrest relates to the theft of 50 terabytes of NSA and government data over a 20-year period, believed to be the largest ever breach of classified material in US history. The stolen data also included some of the NSA's most sophisticated hacking tools.

Two sources close to the case told Politico reporters under the condition of anonymity that the Moscow-based security company received strange Twitter messages back in 2016 from an account linked to Harold T. Martin III, a former NSA contractor.

The messages in question refer to two tweets made in August 2013. The first one requested a conversation with 'Yevgeny' who is believed to be Kaspersky Lab CEO Eugene Kaspersky, whose given name is Yevgeny Kaspersky. The reason for the conversation wasn't given but a second tweet swiftly followed saying "Shelf life, three weeks", suggesting that the offer was for a limited time only.

As a result, Kaspersky is said to have shared its intelligence with the NSA, which prompted Martin's arrest and a raid on his Maryland home in late December.

In the ruling against Martin, US District Court Judge Richard Bennett wrote: "The Defendant's Twitter messages ... were sent just hours before what was purported to be stolen government property was advertised and posted on multiple online content-sharing sites, including Twitter."

The stolen classified files were released by a group known as Shadow Brokers and others were later auctioned for the price of $1 million bitcoin.

"Although the Defendant's Twitter messages could have had any number of innocuous meanings in another setting," Bennett added, "these allegations regarding the context of Defendant's messages provide a substantial basis for the Magistrate's conclusion that there was a 'fair probability' that evidence of the crime of Theft of Government Property ... would be found in information associated with the Defendant's Twitter account."

Martin was charged with 20 felony charges, pleading guilty to one in court late last year.

The news is particularly shocking considering the US government has expressed concerns that Kaspersky software could be a point of vulnerability in US defences given suspected close ties to Moscow. US officials alleged that the FSB was using Kaspersky's software to illegally spy on the US government, and as a result, a ban was placed on the use of Kaspersky products in government systems.

Kaspersky has always maintained is innocence and independence from any government state.

"Kaspersky Lab is disappointed with the Court's decisions on its constitutional challenges to the U.S. Government prohibitions on the use of its products and services by federal agencies," the company said in a statement following the company's court appeal to overturn the ban.

"Since the company's inception over 21 years ago, it has always abided by the highest ethical business practices, and through our recently launched Global Transparency Initiative, Kaspersky Lab is exemplifying its ongoing commitment to assuring the integrity and trustworthiness of its products. Kaspersky Lab reaffirms that it has never, nor will ever, engage in cyber offensive activities, and the Court's decision does not conclude otherwise."

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Most Popular

IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
Citrix buys Slack competitor Wrike in record $2.25bn deal

Citrix buys Slack competitor Wrike in record $2.25bn deal

19 Jan 2021
Should IT departments call time on WhatsApp?

Should IT departments call time on WhatsApp?

15 Jan 2021