Kaspersky says Web hack 'should not have happened'

Kaspersky Lab says its Web site was hacked Saturday.

It's the worst thing that can happen to a computer security vendor: This weekend, Moscow's Kaspersky Lab was hacked.

A hacker, who identified himself only as Unu, said that he was able to break into a section of the company's brand-new U.S. support Web site by taking advantage of a flaw in the site's programming.

On a conference call with reporters, Kaspersky Senior Research Engineer Roel Schouwenberg said that while he believes that the hacker did not access any customer information such as e-mail addresses, the hack would hurt the company's image. "This is not good for any company, and especially a company dealing with security," he said. "This should not have happened, and we are now doing everything within our power to do the forensics on this case and to prevent this from ever happening again."

Schouwenberg blamed the breach on a Web programming flaw that was introduced in a Jan. 29 redesign of the support site, meaning that the bug was live on Kaspersky's site for about 10 days. "Something went wrong in our internal code reviewing process," he said.

This flaw left Kaspersky's support site vulnerable to what's known as a SQL injection attack, which could have given the hacker access to about 2,500 customer e-mail addresses and to perhaps 25,000 product activation codes.

In a SQL injection attack, the hacker takes advantage of bugs in Web programs that query databases. The point is to find a way to run commands within the databases and access information that would normally be protected.

Code on Kaspersky's Web site is typically subjected to an internal and external audit. Kaspersky has hired database expert David Litchfield to investigate the incident and expects to be able to report more on the hack within 24 hours, the company said.

In an e-mail interview, Litchfield said that he has done this type of investigation before. "Typically there are no problems with investigations of this type. Of course, an attacker can attempt to hide their tracks, which makes things more difficult -- but by no means impossible."

Unu notified Kaspersky of the bug via e-mail on Friday, and then one hour later hacked into the site. Kaspersky didn't see that e-mail until much later, but the company realized it had been hacked by around noon Eastern Time on Saturday, Schouwenberg said. Just 15 minutes later, Kaspersky reverted to an older version of its support site code, which did not contain the error.

Kaspersky believes that Unu is from Romania, but is not seeking legal action in the case. Romanian authorities have limited resources and are unlikely to investigate the incident further, Schouwenberg said in an e-mail.

Worse attacks have happened. In fact, the Kaspersky hack is "barely even worth mentioning" next to major security breaches, such as the recent hack that gave criminals access to systems at credit-card processor Heartland Payment Systems, said Paul Roberts, an analyst with The 451 Group. "But Kaspersky is a security company, " he said via instant message. "So there's a much bigger reputational risk here than with, say, some supermarket."

Join the PC World newsletter!

Error: Please check your email address.

Tags kaspersky labshack

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?