Wall Street Journal Reporter Says Vital Information Was Exposed In NSA Breach
MARY LOUISE KELLY, HOST:
Let's turn now to news of yet another major security breach at the National Security Agency. This one involves Russia - Russian government hackers, to be precise, who targeted the home computer of an NSA contractor and reportedly stole highly classified material off it. The Wall Street Journal broke the story, and Wall Street Journal writer Shane Harris is here now to tell us more. Hey, Shane.
SHANE HARRIS: Hi, how are you?
KELLY: What do we know about these hackers? And what do we know about the data that they reportedly stole?
HARRIS: All right, well, the data itself is information that the NSA uses to hack into foreign government computer systems. It's how the NSA spies on its adversaries and its targets. And there was also information, we understand, that was exposed about how the NSA protects computer networks in this country. Hackers working for the Russian government - and we should say we don't know precisely which agency, but officials have concluded they were working on the government's behest - hacked into this home computer of this NSA contractor. He had removed this information from his workplace, took it home and put it on his home computer.
KELLY: Just to work on it at home...
HARRIS: Just to work on it. Right.
KELLY: ...In the evening hours. OK.
HARRIS: There's apparently - was no malicious intent in this, but that is an egregious violation of security policies.
KELLY: And sounds like information that you would not want to fall into the hands of the Russian government if you work at National Security Agency.
HARRIS: Not at all. This would be the information you don't want to fall into the hands of the Russian government.
KELLY: And just to give people a sense of the timing, your reporting indicated that this breach happened in 2015, that the NSA found out about it last year and they've been trying to look into it and investigate...
KELLY: ...Ever since. So how serious a breach is this? I mean, how much damage might this do to the NSA as it's trying to continue doing its work?
HARRIS: It's potentially very serious because here we're talking about information that the NSA uses to conduct its mission, which is to spy on other governments and to spy on organizations. So if they've lost the ability to do that from with - having lost these tools or, more to the point, no longer being able to have confidence that their adversary doesn't know what these tools are that they're using, which have to remain secret, it could definitely impair their ability to collect intelligence.
KELLY: Now, the NSA says that it has made reforms since the Edward Snowden episode in 2013, that it has fixed things so that this will not keep happening. Does this episode suggest that there's still progress to be made?
HARRIS: I think so. This is the third major incident that we know about, including Edward Snowden and another NSA contractor called Harold Martin, who took a lot of classified information home as well over the course of many years.
KELLY: Which we learned about last year. Yeah.
HARRIS: That's right. But you've now got three instances in which people who had access to highly confidential classified information were able to walk out of their workplace with it. And we interviewed people for this story who said when they worked at NSA they routinely, as they left, were never patted down. The security procedures were quite lax. And they speculated, you know, they probably could have taken classified information out if they wanted to as well.
KELLY: Let me insert another name into our conversation, and that is Kaspersky. The NSA employee was running Kaspersky Anti-Virus software on this home computer. The U.S. government has been hinting for months that it thinks Kaspersky operates as a tool for Russian intelligence. And you're reporting that Kaspersky software may have been the way in for these hackers. Explain.
HARRIS: Right. Investigators have determined that Kaspersky is how these Russian hackers knew what was on this individual's computer. So Kaspersky is like any anti-virus program. What it does is it scans the machine on which it's installed, takes a log of all the files and looks for malicious code. It's kind of like a digital security guard on your computer. But what it also then has is a - kind of a log of what's on that computer. And that can be stored.
The investigators think that armed with that information, the hackers were able to home in on this machine. We still don't know exactly whether Kaspersky was instructed to do this, whether the Russian government did this without their knowledge. But this was the tool, investigators think, to tell them what was on the machine.
KELLY: I want to mention that Kaspersky is among NPR's corporate underwriters. And I also want to mention they have put out a statement responding to your story. What do they say?
HARRIS: They say they have no knowledge of this incident. And they deny in any way helping the Russian government conduct intelligence operations.
KELLY: Shane Harris, senior national security writer for The Wall Street Journal, thanks so much.
HARRIS: It's my pleasure.
KELLY: And a House committee says it has scheduled a hearing on Kaspersky Lab software for later this month. They'll be investigating the relationship between Kaspersky and the Kremlin.
NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.