Russia-based Kaspersky Lab, one of the biggest and most well-known cybersecurity research firms in the world, has admitted to being hacked.
In a blog post published earlier today, Kaspersky Lab CEO and founder Eugene Kaspersky wrote, “We discovered an advanced attack on our own internal networks. It was complex, stealthy, it exploded several zero-day vulnerabilities, and we’re quite confident that there’s a nation state behind it.”
The firm dubbed this attack Duqu 2.0. It’s named after a specific series of malware called Duqu, which was considered to be related to the Stuxnet attack that targeted states like Iran, India, France, and the Ukraine in 2011.
The attackers behind Duqu 2.0 were hoping to infiltrate Kaspersky’s networks to learn more about its services, the blog post revealed. It added that the group behind Duqu 2.0 “also spied on several prominent targets.”
Kaspersky explained this situation as a mix of both good and bad news. The bad, obviously, is that the security firm was hacked. The good news, however, is that it claims none of its services have been compromised.
The post went on to say that it was not wise to use an advanced never-before-used technology to spy on a firm. For one, Kaspersky sells access to a great deal of its technologies, so this group could have just paid for it. Also, in its attempt to infiltrate Kaspersky, it clued the company in to the next generation spying technologies hackers are developing.
“They have now lost a very expensive technologically-advanced framework they’d been developing for years,” the post explained.
Kaspersky says the Duqu 2.0 investigation is pending and it’s still working to figure things out. It is not pointing any fingers about who executed the attack, but it has urged federal agencies to commence criminal investigations.