Newly unearthed documents obtained by The Intercept indicate that the National Security Agency (NSA) as well as the UK’s Government Communications Headquarters (GCHQ) have been targeting the largest antivirus companies using various hacking techniques.
The government agencies used what’s known as software reverse engineering to snoop on security companies, according to the new report. This reportedly allowed them to be able to see data that went in and out of the companies’ networks as well giving them access to some email data. The intent of the program was to remain one step ahead of the biggest antivirus companies, essentially giving the governments intel into the world of vulnerability tracking.
Both the NSA and the GCHQ heavily targeted the Russia-based antivirus company Kaspersky Lab, The Intercept reports, citing documents leaked by NSA whistleblower Edward Snowden.
Targeting antivirus software is highly strategic. Security products often run on operating systems using the highest of computer privileges. If attackers are able to exploit such softwares, it’s possible for the hackers to do even more damage with the elevated control the software grants.