 |
| Guess what: Even the best security companies can be hacked. |
Security firms are supposed to keep us safe from threats like malware
and hacker attacks, but occasionally they fall foul of the bad guys
too. A year ago Avast was hacked, and some 400,000 user details were stolen. Two years ago, AVG and Avira had their websites taken over by pro-Palestinian hackers. The latest security firm to be hacked is Russian anti-virus software maker Kaspersky Lab.
In a post on the company's blog,
Chairman and CEO Eugene Kaspersky says the attack on its own internal
networks was "complex, stealthy, [and] it exploited several zero-day
vulnerabilities". The firm is also very confident that there was a
"nation state" behind it all. Antivirus firms like to name threats, and Kaspersky Lab has labeled this particular attack Duqu 2.0, after the Duqu Trojan which was used in attacks on Iran, India, France and Ukraine back in 2011.
Kaspersky Lab believes the purpose of the hack was to steal the company’s secrets, and says the attack was "a generation
ahead of anything we’d seen earlier -- it uses a number of tricks that
make it really difficult to detect and neutralize. It looks like the
people behind Duqu 2.0 were fully confident it would be impossible to
have their clandestine activity exposed".
The firm views the hack as being mostly a good thing because despite
its sophistication, Kaspersky Lab was able to detect it, and now has
everything it needs to protect customers against future attacks. No
products or services were compromised in the hack, and customers remain
perfectly safe.
Duqu 2.0 wasn’t only used to spy on Kaspersky Lab but, according to
the firm, also used to spy "on several prominent targets, including
participants in the international negotiations on Iran’s nuclear program
and in the 70th anniversary event of the liberation of Auschwitz".
No comments:
Post a Comment