The Russian security giant Kaspersky Lab admitted to being hacked. Kaspersky Lab CEO and founder Eugene Kaspersky wrote on their corporate blog 

“We discovered an advanced attack on our own internal networks. It was complex, stealthy, it exploded several zero-day vulnerabilities, and we’re quite confident that there’s a nation state behind it.”

Kaspersky is one of the largest provider of consumer antivirus software, not to mention being an industry leader in the world of cyber security. The attack was named Duqu 2.0, which is a reference to the specific piece of malware called Duqu that was widely considered to be closely linked to the Stuxnet attack that targeted Iran, India, France and the Ukraine in 2011.

The intention behind the attack was to gain access to Kaspersky’s corporate networks to learn more about its products, and that Kaspersky Lab was not the only target.

This attack was actually kind of stupid on the part of the hackers, particularly because security firms like Kaspersky Lab generally sell exploits and other security products on the open market, so the hackers could have paid for the information that they were after in the first place. By hacking Kaspersky Lab, they took the risk of getting caught, which they did, and ultimately revealed their own capabilities. Think of this discovery as Kaspersky Lab being able to see the cards that these attackers had in their hand.

With the brazen attack on Kaspersky, consumers everywhere will likely have concerns about their antivirus solutions. This is understandable from a consumer perspective, as the company you were counting on to protect you from malware could not protect itself from malware.  Eugene Kaspersky took to twitter to reassure enterprise customers and consumers that there is no risk to them. Kaspersky has always created great products and this reassurance is helpful, but if there was a risk to their customers, would they be as forth coming with a warning as they are with their reassurance.

TIPS:
Change your Password – Read about how important this is here.

If you have any concerns about antivirus software, the risk that hackers pose to you or your company, feel free to reach out to me via email at bryan@seelysecurity.com
Follow me on Twitter
Connect with me on Linkedin.com