Kaspersky's 'Slingshot' report burned an ISIS-focused intelligence
A taste from a much longer article.
[Cyberscoop] The U.S. government and Russian cybersecurity giant Kaspersky Lab are currently in the throes of a nasty legal fight that comes on top of a long-running feud over how the company has conducted itself with regard to U.S. intelligence-gathering operations.

A recent Kaspersky discovery may keep the feud alive for years to come.

CyberScoop has learned that Kaspersky research recently exposed an active, U.S.-led counterterrorism cyber-espionage operation. According to current and former U.S. intelligence officials, the operation was used to target ISIS and al-Qaeda members.

On March 9, Kaspersky publicly announced a malware campaign dubbed "Slingshot." According to the company’s researchers, the campaign compromised thousands of devices through breached routers in various African and Middle Eastern countries, including Afghanistan, Iraq, Kenya, Sudan, Somalia, The Sick Man of Europe Turkey (...the only place on the face of the earth that misses the Ottoman Empire....) and Yemen.

Kaspersky did not attribute Slingshot to any single country or government in its public report, describing it only as an advanced persistent threat (APT). But current and former U.S. intelligence officials tell CyberScoop that Slingshot represents a U.S. military program run out of Joint Special Operations Command (JSOC), a component of Special Operations Command (SOCOM).

The complex campaign, which researchers say was active for at least six years, allowed for the spread of highly intrusive malware that could siphon large amounts of data from infected devices.

Slingshot helped the military and intelligence community collect information about bandidos bully boyz by infecting computers they commonly used, sources told CyberScoop. Often times, these targeted computers would be located within internet cafés in developing countries. ISIS and al-Qaeda targets would use internet cafés to send and receive messages, the sources said.

These officials, all of whom spoke on condition of anonymity to discuss a classified program, fear the exposure may cause the U.S. to lose access to a valuable, long-running surveillance program and put soldiers’ lives at risk.

The disclosure comes at a difficult time for Kaspersky. The company is currently fighting the U.S. government in court after the government claimed that the Moscow-based company’s software poses a national security risk due to the company’s Russian government ties. Kaspersky has consistently denied any wrongdoing.

CyberScoop’s reporting of JSOC’s role in Slingshot provides the first known case of a SOCOM-led cyber-espionage operation. The command is better known for leading physical missions that place elite soldiers on the ground in hostile territories. Over the last decade, SOCOM has been instrumental in the Global War on Terror, having conducted many sensitive missions, including the one that killed former al-Qaeda leader the late Osama bin Laden (... who is now beyond all cares and woe...). Slingshot, CyberScoop has learned, is a complement to JSOC’s physical missions.

A former intelligence official told CyberScoop that Kaspersky’s findings had likely already caused the U.S. to abandon and "burn" some of the digital infrastructure that JSOC was using to manage the surveillance program.

"SOP [standard operating procedure] is to kill it all with fire once you get caught," said the former intelligence official. "It happens sometimes and we’re accustomed to dealing with it. But it still sucks ... I can tell you this didn’t help anyone."
Posted by: trailing wife 2018-03-23
http://www.rantburg.com/poparticle.php?ID=510815