Russian hackers stole information about how the National Security Agency gains access to foreign computer networks and protects those in the United States by exploiting an NSA contractor’s use of a popular antivirus program, the Wall Street Journal reported on Thursday.
The Wall Street Journal reported, citing unnamed sources with knowledge of the matter, that hackers working for the Russian government stole the highly classified material in 2015 after an NSA contractor transferred it to his home computer. According to the report, that stolen material included the computer code the NSA uses to penetrate foreign computer networks.
According to the Wall Street Journal, Russian hackers identified the classified material by exploiting antivirus software the NSA contractor used made by Kaspersky Lab, a Russian cybersecurity company whose links to the Russian government have come under scrutiny.
The theft was not discovered until early in 2016, according to the report, and has still not been disclosed. It was not clear whether the NSA contractor was terminated or facing repercussions for removing classified information without permission, a violation of agency policy for which he could potentially face criminal charges.
According to the Wall Street Journal, members of Congress were informed about the serious breach, which was “given a classified code name and set off alarms among top national security officials.”
Kaspersky Lab told the Wall Street Journal that it “has not been provided any information or evidence substantiating this alleged incident” and said it “must assume that this is another example of a false accusation.”
“Whether the information is credible or not, NSA’s policy is never to comment on affiliate or personnel matters,” an NSA spokesman told the Wall Street Journal.