Documents have emerged, reportedly from Edward Snowden, detailing how the National Security Agency and the Government Communications Headquarters in the U.K. have routinely reversed antivirus software of global companies. The Intercept reports:
The spy agencies have reverse engineered software products, sometimes under questionable legal authority, and monitored web and email traffic in order to discreetly thwart anti-virus software and obtain intelligence from companies about security software and users of such software. One security software maker repeatedly singled out in the documents is Moscow-based Kaspersky Lab, which has a holding registered in the U.K., claims more than 270,000 corporate clients, and says it protects more than 400 million people with its products.
British spies aimed to thwart Kaspersky software in part through a technique known as software reverse engineering, or SRE, according to a top-secret warrant renewal request. The NSA has also studied Kaspersky Lab’s software for weaknesses, obtaining sensitive customer information by monitoring communications between the software and Kaspersky servers, according to a draft top-secret report. The U.S. spy agency also appears to have examined emails inbound to security software companies flagging new viruses and vulnerabilities.
One name that kept coming up over and over was Kaspersky. U.K. officials had a particularly tough time trying to crack Kaspersky software, and requested a warrant in 2008 in order to reverse engineer the company's technology. As The Intercept explained, reverse engineering of software is often forbidden by licensing agreements and, in some cases, laws. So GCHQ requested a warrant.
"It is unclear what GCHQ accomplished in its analysis of Kaspersky software, but GCHQ has repeatedly reverse engineered software to discover vulnerabilities," The Intercept said. "Rather than report the vulnerabilities to the companies, spy agencies have quietly stockpiled numerous exploits for a wide range of commercial hardware and software, using them to hack adversaries."
Across the pond, meanwhile, the NSA also had an interest in Kaspersky. In 2008, they found that its software was transmitting information that might reveal who was using Kaspersky software and allow for tracking of those users. Kaspersky told The Intercept that is not the case, however.
