New documents from whistleblower Edward Snowden have revealed a dedicated campaign by the NSA and GCHQ to subvert and exploit anti-virus software. The aim of the work is to evade detection, while using vulnerabilities in the security software to infiltrate critical systems.
The agencies reversed engineered software products to achieve their goals; targeting the over 17 security companies across the globe, with Kaspersky being singled out as being the biggest threat to their work. The Russian security company has been instrumental in exposing government link malware campaigns, which has recently resulted in it becoming the target of a sophisticated cyberattack.
Reverse engineering is generally considered to be legally by the terms and conditions of most software, mainly to prevent the code and functions from being pirated. The GCHQ had originally filed a top secret warrant request to allow it to continue its work, which appears to have been granted by the courts. Its American counterpart, the NSA, did not act with the same government authorisation.
Anti-virus software, according the to original report in The Intercept, lags behind other software in protecting itself against exploits. Exploiting the software would provide the attackers with the highest administrator privileges, which is where they will be able to do the most damage.
[Source: The Intercept]
