US security secrets stolen in Russian NSA hack: reports

Hacking tools allegedly snatched when worker loaded them onto home computer

NSA data

Russian state-sponsored hackers stole highly classified US cyber security information from the NSA in 2015, it has been claimed.

According reports from the Wall Street Journal and Washington Post, the breach occurred when a person working in the US spy agency's "elite hacking unit" Tailored Access Operations (TAO) loaded the information onto their home computer.

TAO is the division of the NSA that "develops tools to penetrate computers overseas to gather foreign intelligence", according to the Washington Post's sources. In particular, the information taken by the person involved included hacking tools that were being developed to replace those considered compromised in the Snowden leaks.

It's currently unclear if the individual was an independent contractor, as claimed by the WSJ, or an employee, as claimed by the Washington Post, but they are unified in their claim that Kaspersky Lab antivirus software installed on the individual's computer was used as the conduit to identify and access the material.

Kaspersky Lab has hit back at the allegations, reiterating it "does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight".

The statement also hints at what some independent security researchers had speculated that its software detected the programmes brought home by the individual and classified them as threats, uploading their signatures and other information to its database of threats.

The Washington Post claims the incident, which resulted in the person being removed from their post in November 2015, is still under investigation.

This is the latest in a series of embarrassing breaches for the NSA. While the leaks from Edward Snowden in May 2013 may be the most famous, another contractor Harold Martin was arrested last year in relation to a separate 2013 breach. Then, in 2016, hacking group Shadow Brokers stole a vast cache of hacking tools, once again linked to TAO, from the NSA and leaked them to the public.

These latest reports haven't been confirmed by the NSA, however, with the agency telling Reuters: "[We] never to comment on our affiliates or personnel issues."

Featured Resources

Modern governance: The how-to guide

Equipping organisations with the right tools for business resilience

Free Download

Cloud operational excellence

Everything you need to know about optimising your cloud operations

Watch now

A buyer’s guide to board management software

How the right software can improve your board’s performance

The real world business value of Oracle autonomous data warehouse

Lead with a 417% five-year ROI

Download now

Recommended

US gov issues fresh warning over Russian threat to critical infrastructure
cyber warfare

US gov issues fresh warning over Russian threat to critical infrastructure

12 Jan 2022
Gumtree site code made personal data of users and sellers publicly accessible
data protection

Gumtree site code made personal data of users and sellers publicly accessible

16 Dec 2021
Pizza chain exposed 100,000 employees' Social Security numbers
data breaches

Pizza chain exposed 100,000 employees' Social Security numbers

19 Nov 2021
83% of critical infrastructure companies have experienced breaches in the last three years
cyber security

83% of critical infrastructure companies have experienced breaches in the last three years

11 Nov 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
Dell XPS 15 (2021) review: The best just got better
Laptops

Dell XPS 15 (2021) review: The best just got better

14 Jan 2022
How to speed up Windows 11
Microsoft Windows

How to speed up Windows 11

7 Jan 2022