US security secrets stolen in Russian NSA hack: reports

News
By published

Hacking tools allegedly snatched when worker loaded them onto home computer

NSA data

Russian state-sponsored hackers stole highly classified US cyber security information from the NSA in 2015, it has been claimed.

According reports from the Wall Street Journal and Washington Post, the breach occurred when a person working in the US spy agency's "elite hacking unit" Tailored Access Operations (TAO) loaded the information onto their home computer.

Shadow Broker exploit dumps five million cyber attacks

TAO is the division of the NSA that "develops tools to penetrate computers overseas to gather foreign intelligence", according to the Washington Post's sources. In particular, the information taken by the person involved included hacking tools that were being developed to replace those considered compromised in the Snowden leaks.

It's currently unclear if the individual was an independent contractor, as claimed by the WSJ, or an employee, as claimed by the Washington Post, but they are unified in their claim that Kaspersky Lab antivirus software installed on the individual's computer was used as the conduit to identify and access the material.

Kaspersky Lab has hit back at the allegations, reiterating it "does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight".

See more

The statement also hints at what some independent security researchers had speculated that its software detected the programmes brought home by the individual and classified them as threats, uploading their signatures and other information to its database of threats.

See more
See more

The Washington Post claims the incident, which resulted in the person being removed from their post in November 2015, is still under investigation.

This is the latest in a series of embarrassing breaches for the NSA. While the leaks from Edward Snowden in May 2013 may be the most famous, another contractor Harold Martin was arrested last year in relation to a separate 2013 breach. Then, in 2016, hacking group Shadow Brokers stole a vast cache of hacking tools, once again linked to TAO, from the NSA and leaked them to the public.

These latest reports haven't been confirmed by the NSA, however, with the agency telling Reuters: "[We] never to comment on our affiliates or personnel issues."

Jane McCallion
Jane McCallion
Managing Editor

Jane McCallion is ITPro's Managing Editor, specializing in data centers and enterprise IT infrastructure. Before becoming Managing Editor, she held the role of Deputy Editor and, prior to that, Features Editor, managing a pool of freelance and internal writers, while continuing to specialize in enterprise IT infrastructure, and business strategy.

Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.

More about data breaches
NHS logo displayed on a smartphone screen in white lettering on a blue background.

NHS supplier hit with £3m fine for security failings that led to attack
Cybersecurity concept image symbolizing third-party data breaches with give padlock symbols and one pictured in red, signifying a security breach.

These five countries recorded the most third-party data breaches last year
Red Ubuntu logo appearing on a web browser with a microscope over the logo, placing emphasis on it

Qualys discovers three bypasses of Ubuntu's unprivileged user namespace restrictions
See more latest
Most Popular
Red Ubuntu logo appearing on a web browser with a microscope over the logo, placing emphasis on it
Qualys discovers three bypasses of Ubuntu's unprivileged user namespace restrictions
Gold lock floating above a digitally rendered motherboard with blue and red glowing hues, denoting ransomware
Security researchers hack BlackLock ransomware gang in push back against rising threat actor
A busy customer service desk
Omnissa eyes growth with revamped partner program
Female software developer using AI coding tools on a desktop computer with light from screen reflecting in spectacles.
Developers spend 17 hours a week on security — but don't consider it a top priority
A close-up of a digital dashboard showing stock market graphs overlaid onto a world map.
Financial services firms look to AI to improve resilience
Male software engineer working on a laptop at a home office desk with two PC monitors sitting on top of desk.
‘This shift highlights not just a continuation but a broad acceptance of remote work as the norm’: Software engineers are sticking with remote work and refusing to budge on RTO mandates – and 21% would quit if forced back to the office
Ransomware concept image showing a warning symbol in red with binary code in background.
Healthcare systems are rife with exploits — and ransomware gangs have noticed
Application security concept image showing a digitized padlock placed upon a digital platform.
ESET looks to ‘empower’ partners with cybersecurity portfolio updates
Databricks logo and branding pictured on a MacBook Pro screen.
Databricks and Anthropic are teaming up on agentic AI development – here’s what it means for customers
Dell Technologies logo and branding pictured at the company's stall at Mobile World Congress (MWC) in Barcelona, Spain.
Scale of Dell job cuts laid bare as firm sheds 10% of staff in a year