WASHINGTON (Reuters) – Israeli intelligence officials spying on Russian government hackers found they were using Kaspersky Lab antivirus software that is also used by 400 million people globally, including U.S. government agencies, according to media reports on Tuesday.
The Israeli officials who had hacked into Kaspersky’s network over two years ago then warned their U.S. counterparts of the Russian intrusion, said The New York Times, which first reported the story.
That led to a decision in Washington only last month to order Kaspersky software removed from government computers.
The Washington Post also reported on Tuesday that the Israeli spies had also found in Kaspersky’s network hacking tools that could only have come from the U.S. National Security Agency.
After an investigation, the NSA found that those tools were in possession of the Russian government, the Post said.
And late last month, the U.S. National Intelligence Council completed a classified report that it shared with NATO allies concluding that Russia’s FSB intelligence service had “probable access” to Kaspersky customer databases and source code, the Post reported.
That access, it concluded, could help enable cyber attacks against U.S. government, commercial and industrial control networks, the Post reported.
The New York Times said the Russian operation, according to multiple people briefed on the matter, is known to have stolen classified documents from a National Security Agency employee who had improperly stored them on his home computer, which had Kaspersky antivirus software installed on it.
It is not yet publicly known what other U.S. secrets the Russian hackers may have discovered by turning the Kaspersky software into a sort of Google search for sensitive information, the Times said.
The current and former government officials who described the episode spoke about it on condition of anonymity because of classification rules, the Times said.
The newspaper said the National Security Agency and…