Security vendor admits its internal networks have been targeted.
Kaspersky Lab claims to have uncovered a groundbreaking hacking campaign that was being used to attack its internal networks.
Allegedly sponsored by an unnamed government, Duqu 2.0 is seemingly related to the Stuxnet virus that attacked Iranian nuclear reactors in 2010, and is described as “a generation ahead” of anything Kaspersky Lab had seen earlier.
Writing online, the firm’s founder and chief executive Eugene Kaspersky said: “It looks like the people behind Duqu 2.0 were fully confident it would be impossible to have their clandestine activity exposed.
“However, we did manage to detect it – with the alpha version of our Anti-APT [advanced persistent threat] solution, designed to tackle even the most sophisticated targeted attacks.”
Kaspersky Lab alleges that the hackers behind Duqu 2.0 were aiming to discover the company’s ongoing investigations – the firm having just opened a research centre in London, as reported by CBR.
Hackers are also thought to have spied on “several prominent targets” including negotiations around Iran’s nuclear programme and the anniversary of the liberation of Auschwitz, a Nazi concentration camp, according to the security vendor.
Despite these ostensibly political motives Kaspersky refused to be drawn on who was behind the attack, even though his company has previously been accused of having links with Russian spy agencies.
“Let me say this again: we don’t attribute attacks,” he said. “We’re security experts – the best – and we don’t want to dilute our core competence by getting into politics.”
“Governments attacking IT security companies is simply outrageous. We’re supposed to be on the same side as responsible nations, sharing the common goal of a safe and secure cyber-world.”
He added that his company was reporting the attacks because there was nothing to be ashamed it being targeted by hackers, and also said that he wanted to draw public attention to cyberattacks backed by governments.