Latest in Antivirus

Image credit:

US and UK spy agencies are exploiting flaws in security software

20 Shares
Share
Tweet
Share
Save

Those worries that governments are trying to undermine security software? They're well-founded. The Intercept has learned that both the US' National Security Agency and the UK's Government Communications Headquarters have been reverse engineering security software, such as antivirus tools and encryption programs, to look for flaws that can be used in surveillance hacks. Some of the targets in recent years include Kaspersky Lab's security suite (sound familiar?), Acer's eDataSecurity and Exlade's CrypticDisk. GCHQ also deconstructed numerous other commonly available programs, including vBulletin's forum software and popular server management tools.

The NSA, at least, has taken things one step further. A 2010 presentation reveals that the agency was monitoring threat reports sent to antivirus and firewall software makers in the hopes of finding exploits, whether they're brand new forms of malware or vulnerabilities in the defensive apps themselves. It's easier than you might think, too. It's not always possible to update virus definitions very quickly, and many antivirus developers can take weeks or months to patch exploits in their own code.

There's a number of concerns with these activities beyond the spying itself. GCHQ's reverse engineering stretched interpretations of the law, and the organization spent extensive time buttering up the Foreign and Commonwealth Office to get approval for its activities. And as Kaspersky suggested after discovering a breach in its networks, there's a betrayal of trust here -- intelligence agencies are compromising the very programs that are meant to keep you safe.

[Image credit: AP Photo/Efrem Lukatsky]

From around the web

ear iconeye icontext filevr