A Hacking Group Has Been Undermining Anti-Virus Software, but It’s Not Who You Think

* Actually, I'll bet DU'ers can guess who the hackers are..


Security companies may be moving away from the anti-virus model of cataloging and scanning for threats, but if that's all you have on your computer, it's still better than nothing. Unless the security program you're running has been compromised by the National Security Agency, in which case it's time to hurl your computer against a brick wall and go to Dairy Queen.

Surfacing new documents from the Snowden trove, the Intercept reports that the NSA and the British surveillance agency Government Communications Headquarters, or GCHQ, have had initiatives to undermine anti-virus software to facilitate government tracking, data surveillance, and assorted intelligence-gathering.

The documents indicate that the agencies reverse-engineered numerous anti-virus offerings, especially products from Moscow-based Kaspersky Lab, which has a holding in the United Kingdom. The company says it has 270,000 corporate clients and protects a total of 400 million people worldwide.

Monitoring anti-virus software is valuable for intelligence agencies because it identifies new malware and can reveal trends in cyberattacks. By undermining these security measures, the NSA can get information about new threats and even prevent monitoring software from detecting its own surveillance malware.

http://www.slate.com/blogs/future_tense/2015/06/22/nsa_and_gchq_have_been_using_anti_virus_software_to_do_surveillance.html