George Barnes, former NSA deputy director, highlights the potential risks associated with easyjson, a software whose ownership by VK Group raises concerns due to its ties with the Kremlin. Despite its lack of known vulnerabilities, Barnes suggests that this makes it an attractive target for Russian intelligence agencies. The article underscores challenges in addressing cybersecurity threats, as multiple agencies decline to comment, and some tech firms like GitHub avoid associating VK with malicious activities, indicating the complexity of navigating cybersecurity in a politically charged environment.
"It is totally efficient code. There's no known vulnerability about it, hence no other company has identified anything wrong with it," Barnes says.
"If I'm sitting there in the GRU or the FSB and I'm looking at the laundry list of opportunities... this is perfect. It's just lying there," Barnes says.
"NSA does not have a comment to make on this specific software," a spokesperson for the National Security Agency says.
"We are going to refer you back to Hunted Labs," a spokesperson for the US Cybersecurity and Infrastructure Security Agency says.
Collection
[
|
...
]