NSA Data Breach Compromises the Security of U.S. Cyber Defense

Reports are out that the National Security Agency (NSA) suffered a data breach and this time, authorities are pinning Russian hackers as the culprits.

On Thursday, the Wall Street Journal reported that another NSA data breach occurred, seemingly putting the spy agency in another embarrassing situation.

Sources said that the hacking incident happened after an NSA contractor removed highly classified materials containing details of how NSA infiltrated foreign computer networks and moved them on his home computer.

Apparently, the Russian hackers were able to pin down the contractor after being able to identify some of the files through the antivirus software he’s been using made by the Russian-based Kaspersky Lab.

The incident was said to have happened in 2015, but unfortunately, was not discovered until the spring of 2016. Experts deemed the said NSA data breach as one of the most significant security breaches that happened in years.

The breach gave the intelligence community a very rare glimpse into how Russian spies take advantage of widely used commercial software in the U.S. in order to obtain sensitive information.

NSA Data Breach: Another Blow to the Embattled US Spy Agency

People familiar with the incident further said that the stolen materials contained details about:

• how computer networks are being penetrated by NSA,
• the codes it uses for its spying missions,
• and how the agency defends networks within the United States.

The said information was deemed crucial as it can be used by the Russian government to protect its own network and make it impossible for NSA to conduct cyber espionage.

Talk about privacy people!

Aside from being used to enhance its cyber defense, the information could also be used by Russia to infiltrate the United States and apparently other nations as well.

The NSA data breach is the first known hacking incident directly involving the Kaspersky software. Russian hackers were said to exploit the popular antivirus program and used it to conduct espionage against the U.S. government.

Reports claimed that the software company had a revenue of more than half a billion dollars in Western Europe and the Americas in 2016. Its user base boasts of over 400 million users globally.

Members of the Congress showed disappointment about the latest NSA data breach, putting the blame on the shoulders of the spy agency itself, and not its people, for the vendors it uses.

Another three contractors for the NSA were accused of releasing the agency’s secret: Air Force veteran Reality Winner, former Booz Allen Hamilton contractor Harold Martin, and the former CIA employee Edward Snowden. According to a report from NPR, an online entity called the Shadow Brokers also tried to auction what it claimed to be stolen software from the embattled spy agency.

In a statement released by Republican Sen. Ben Sasse of Nebraska, he slammed the NSA for its failure to secure vital government information.

“The men and women of the U.S. intelligence community are patriots, but the NSA needs to get its head out of the sand and solve its contractor problem.”

“Russia is a clear adversary in cyberspace, and we can’t afford these self-inflicted injuries,” Sasse said.

The latest NSA data breach comes at a time when the US government is probing an alleged Russian infiltration of American computer networks and social media platforms during the last US election, which saw celebrity businessman turned politician President Donald J. Trump as the 45th president of United States.

Allegations claimed that Mr. Trump received assistance from the Russian government to win the elections. The president has long denied the accusations and called the matter a witch hunt.

NSA has yet to issue a statement regarding the hacking incident citing that:

 “Whether the information is credible or not, NSA’s policy is never to comment on affiliate or personnel matters.”

In a separate statement, Kaspersky Lab said that it “has not been provided any information or evidence substantiating this alleged incident, and as a result, we must assume that this is another example of a false accusation.”

On Thursday, Sen. Jeanne Shaheen asked the Senate Armed Services Committee to conduct hearings on the matter. In a letter addressed to Sen. John McCain, she wrote:

“As you are aware, I have been concerned about the serious dangers of using Kaspersky software due to the company’s strong ties to the Kremlin.”

Currently, the NSA contractor involved in the NSA data breach has not been named. Reliable sources said that he had purposely taken home numerous documents and other materials from the NSA headquarters because he apparently wanted to work beyond his regular office hours.

It is unclear if he has been dismissed from his job, but he is not believed to have aided the Russian government. However, it is clear that he knew that it’s against NSA’s policy to remove any classified information without authorization from the agency. The recent NSA data breach remains under federal investigation, people familiar with the case said.

What can you say about this latest NSA data breach? What actions should the U.S. government do to address the evident failure of the spy agency to protect valuable state information? Share your thoughts in the comment section below!