Bits: Farhad's and Mike's Week in Tech: Russia, Russia Everywhere

How Israeli spies watched Russian spies watch Americans. View in [Browser]( | Add nytdirect@nytimes.com to your address book. [The New York Times]( [The New York Times]( Thursday, October 12, 2017 [For the latest updates, go to nytimes.com/bits »]( Russia, Russia Everywhere [Israeli spies watched the Russians spy on Americans through the systems of Kaspersky Lab, an internet security company. Here a Kaspersky employee walks behind a glass wall at the company’s headquarters in Moscow.] Israeli spies watched the Russians spy on Americans through the systems of Kaspersky Lab, an internet security company. Here a Kaspersky employee walks behind a glass wall at the company’s headquarters in Moscow. Kirill Kudryavtsev/Agence France-Presse - Getty Images Each Friday, Farhad Manjoo and Mike Isaac, technology reporters at The New York Times, review [the week’s news]( offering analysis and maybe a joke or two about the most important developments in the tech industry. Mike is off this week, so Nicole Perlroth, who covers cybersecurity, took his place. Want this newsletter in your inbox? [Sign up here](. Farhad: Hello, Nicole! Mike is away this week — honestly, I can’t even remember his excuse this time, I’m sure it’s a real doozy. But I suspect it’s not as fun as talking tech news with you! Nicole: I think I saw him tweet something about a near-death experience [with a frayed USB cord]( Likely story. RUSSIANS HARNESSING AMERICAN TECH Farhad: O.K., it was a big week in tech. We should probably start with the thing we’ve been talking about every week for, what, 300 years now? Facebook and Russia. [In a report this week]( a couple of our colleagues found that when Russian operatives set out to sow civil unrest in America on Facebook, they turned to an obvious source — political messages posted by Americans. The Russians created Facebook pages that had names like “Being Patriotic” and “Blacktivist,” and they populated their pages with videos and memes created by Americans — for instance, a hoax story about Muslim men collecting welfare checks for multiple wives. I found the story fascinating because the whole thing is so banal. You have this picture of foreign spies using James Bond-type technology to go after an enemy’s political system. Nope, turns out they went about it exactly how you or I might do it — they found some videos online and posted them on Facebook. Nicole: Yup. It turns out the Kremlin has found their sweet spot in the ugly fault lines in American politics. They’ve truly exploited our country’s political grievances, cultural resentments, news literacy and diminishing faith in once-trusted institutions like the news media to bring out the worst in us, simply by creating some Facebook pages. Who would have thought that Russians would be behind a pro-Texas fan page disseminating pro-secessionist Texas messages, or a “Blacktivist” page advocating for more protests against racial inequality? Farhad: It wasn’t just Facebook. [Google disclosed this week]( that Russian operatives also bought ads on its platform to interfere with the 2016 race. The amounts were small — about $4,700 in ads from the Russian government — but they added to the overall story line, which is that the tech giants’ platforms are being used in ways they probably had never foreseen. Nicole: Did we really think Russia was going to try to hack election databases in 21 states, and pour that many resources into Facebook and not touch Google, the No. 1 source of information for most Americans? It’s frustrating that this is only coming out now, but to be fair, much of the Russian activity was not exactly obvious. The silver lining is that we may finally be getting some answers. This week, the House Intelligence Committee said it would turn over Russian Facebook ad content, after [meeting with Facebook’sÂ]( operating officer]( Sheryl Sandberg. THE WEB OF KASPERSKY Farhad: Let’s turn to another story about Russian spies, this one not at all banal. The United States recently discovered that a Russian antivirus company, Kaspersky Lab, had been compromised by the Russian government. The software was essentially being used as a kind of search engine for spying — the Russians could search through the files of people who’d installed the software, and in some cases it led them to classified documents, including from an employee of the National Security Agency who had stored files on a home computer. That’s pretty amazing by itself. But what was most amazing was how the spying was discovered — because Israeli spies were watching the Russians spy on the Americans, [as you and Scott Shane reported](. That’s crazy! Can you explain how it went down? Nicole: My reporting can basically be summed up as: Spies were spying on spies spying on spies’ spying. Are you with me? Farhad: Er…. Nicole: So in 2014, the Israeli government’s hackers managed to compromise Kaspersky Lab, a Russian antivirus company with 400 million users, many of them in Western Europe and the United States. Here I should mention that some two dozen American federal agencies used Kaspersky’s software, including some of the most critical agencies like the Department of Energy, which oversees our nuclear program. Kaspersky was so thoroughly “owned” by the Israelis, that nearly a year later when Kaspersky’s researchers discovered the intrusion, its own researchers called the Israeli attack code “the best we have ever seen.” As it turns out, the Israelis were so deep inside Kaspersky’s systems that they watched — in real time — as Russian spies used Kaspersky’s systems effectively as a Google search box for American classified government programs. The Israelis caught Russian spies searching any computer that contained Kaspersky’s software for the words “Top Secret,” in a sense abusing Kaspersky’s deep access to the innards of more than 400 million people’s machines to search for American government classified programs. In at least one case, the spies struck gold: They discovered a trove of highly classified National Security Agency programs on an agency employee’s personal computer. Apparently the employee had installed the Kaspersky software on his home computer, not knowing that in doing so he was giving Russians full access to some of the N.S.A.’s most coveted programs for penetrating foreign networks. Israel was able to capture all of this in real time and provided the N.S.A. with evidence in the forms of screenshots and other documentation, which is how the N.S.A. learned the source of this particular leak. The tip also prompted tons of internal discussions and studies within the United States intelligence community, which eventually led to a government ban on Kaspersky products last month. Farhad: Kaspersky is a real mystery in this. They’ve denied any wrongdoing, but is it plausible that they wouldn’t have had an idea that their tools had been infiltrated by the Russian government? Nicole: This is the mystery indeed. I sent Kaspersky a detailed list of questions that gave them ample opportunity to offer any explanations. But they declined to answer any of those questions. Instead they put out a short and vague statement and sent me [a Rihanna GIF on Twitter](. There are still some possible technical explanations for how Russia could have used Kaspersky as a backdoor without Kaspersky’s knowledge. But most counterintelligence experts, including one we quoted from the Central Intelligence Agency, insist there is no way these kinds of broad scans for United States intelligence could have been conducted without Kaspersky’s knowledge. And even if Kaspersky was not complicit, these experts say, that would still mean Kaspersky is either grossly incompetent or horrendously compromised. As a security company, neither is optimal. Farhad: That’s been quite the week! Thanks for joining me, Nicole. See you! Nicole: Ciao! Or as they say in Russian “Прощай!” Farhad Manjoo, who joined the Times in 2013, writes a weekly technology column called [State of the Art](. Nicole Perlroth joined The Times in 2011 and covers cybersecurity. You can follow them on Twitter here: [@fmanjoo]( and [@NicolePerlroth](. ADVERTISEMENT In Case You Missed It [How Russia Harvested American Rage to Reshape U.S. Politics]( By NICHOLAS CONFESSORE AND DAISUKE WAKABAYASHI A Times examination of Russian-linked Facebook pages used in the 2016 election found that much of the content was taken directly from videos and posts from Americans. [How Israel Caught Russian Hackers Scouring the World for U.S. Secrets]( By NICOLE PERLROTH AND SCOTT SHANE Exploiting the popular Kaspersky antivirus software, Russian hackers searched millions of computers for American intelligence keywords. Israeli intelligence tipped off American officials. [Sheryl Sandberg Blitzes Washington in P.R. Push for Facebook]( By CECILIA KANG Ms. Sandberg visited Washington, acting as the tech giant’s chief ambassador while trying to contain a spiraling public relations crisis. [Tech Giants, Once Seen as Saviors, Are Now Viewed as Threats]( By DAVID STREITFELD American tech companies positioned themselves as entities that brought positive change by connecting people and spreading information. Perceptions are shifting. State of the Art [The Frightful Five Want to Rule Entertainment. They Are Hitting Limits.]( By FARHAD MANJOO Apple, Google and other tech giants are pushing deeper into cultural industries — and stumbling in ways that suggest a certain cluelessness. [Masayoshi Son’s Grand Plan for SoftBank’s $100 Billion Vision Fund]( By KATIE BENNER Mr. Son has told tech entrepreneurs he is on a mission to own pieces of all the companies that may underpin the shifts brought on by artificial intelligence. [Disney’s Big Bet on Streaming Relies on Little-Known Tech Company]( By BROOKS BARNES AND JOHN KOBLIN BamTech has had success with its services for Major League Baseball, HBO and others. Disney is hoping the company can do the same for it. HOW ARE WE DOING? We’d love your feedback on this newsletter. Please email thoughts and suggestions to [bits_newsletter@nytimes.com](mailto:bits_newsletter@nytimes.com?subject=Bits%20Newsletter%20Feedback%20223). ADVERTISEMENT LIKE THIS EMAIL? Forward it to your friends, and let them know they can sign up [here](. FOLLOW BITS [Twitter] [@nytimesbits]( Get more [NYTimes.com newsletters »]( | Get unlimited access to NYTimes.com and our NYTimes apps. [Subscribe »]( ABOUT THIS EMAIL You received this message because you signed up for NYTimes.com's Bits newsletter. [Unsubscribe]( | [Manage Subscriptions]( | [Change Your Email]( | [Privacy Policy]( | [Contact]( | [Advertise]( Copyright 2017 The New York Times Company 620 Eighth Avenue New York, NY 10018