Israeli officials who had hacked into the Kaspersky Lab, a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, alerted the US about an unreported, wide-scale Russian intrusion, following which Kaspersky software was removed from government computers on September 13, the New York Times reported Wednesday.
The Kaspersky antivirus software is used by 400 million clients worldwide.
The National Security Agency, the White House, the Israeli Embassy and the Russian Embassy in Washington DC have not responded to inquiries nor issued comments on the report.
The Russian hacking operation has stolen classified documents from the home computer of a National Security Agency employee who was using the Kaspersky software, according to the Times. The full extent of the damage from other aspects of the hacking is not yet known—or publicized.
The alert to the US authorities was based, according to the Times, on Israel’s 2014 hacking of Kaspersky’s corporate systems, which by then had been accused of serving as a front for Russian Intelligence. The US Dept. of Homeland Security issued a statement at the time, saying that there existed a risk “that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security.”