For as long as there have been governments, there have been spy agencies, and for as long as there have been spy agencies, they’ve done spying. Spy agencies are always looking for ways to get information. Information is valuable, always has been, always will be. ~Avast CEO Vince Steckler
New documents from the many that were leaked by former US intelligence analyst Edward Snowden were published this week in The Intercept. They reveal that the U.S.’s National Security Agency (NSA) and its British counterpart, Government Communications Headquarters (GCHQ), spied on security companies including Avast, AVG, Kaspersky Lab, and Antiy. The spy agencies seem to be targeting non-American security companies; Avast and AVG are based in Prague, Czech Republic; Kaspersky is based in Moscow, Russia; and Antiy is Chinese. Together, these companies have nearly a billion users. No U.S. or U.K. -based companies were included in the list.
“Geopolitically, it makes sense that the NSA and GCHQ are targeting products that are prevalently used by foreign governments, like Kaspersky in Russia or CheckPoint in Israel,” said Steckler in an interview with RT News. “On the flip side, Russian or Chinese spy agencies may be similarly targeting products that the American government heavily uses, for example Symantec and McAfee. We’re hearing just one side of the story.”
Reportedly, the NSA and GCHQ experts reverse engineered the antivirus software in order to exploit it and prevent detection of their own activities.
“It is difficult to tell if the NSA, the GCHQ, or other government agencies have ever tried to reverse engineer our software,” said Steckler. “Even if they did, they would only be able to do so on the client side, which includes simple pattern detection. However, they could not reverse engineer our backend, which includes our sophisticated machine-learning classification.”
The documents also say that the organizations recommended monitoring customers who reported malware “to see if they’re into more nefarious activity.”
While some companies most likely partner with the governments in their home countries, that’s not something Avast does.
“The fact that the NSA may be targeting us – while some major U.S. and British security companies are left out from their list proves that we don’t work with the NSA and GCHQ,” said Steckler. “Ones not on the list quite likely provide their source code and thus there is no need to reverse engineer. Our commitment to our customers is to provide protection from all forms of spying.”
Mr. Steckler spoke to RT News, a Russian television network, about the new revelations. Watch the interview now,