Estonian Free PressEstonian Free Press
  • National Security
    • United States
    • United Kingdom
    • Europe
    • Estonia
    • Latvia
    • Lithuania
    • Moldova
    • Poland
    • Russia
    • Ukraine
  • Counterterrorism
  • Cybersecurity
  • Intelligence

Subscribe to Updates

Get the latest National Security News directly to your inbox.

What's Hot

Beitnere-Le Galla pieņēmusi lēmumu nekandidēt Saeimas vēlēšanās ģimenes apstākļu dēļ

August 7, 2022

Unde activează fostul vicepremier pe Reintegrare, Vladislav Kulminski

August 7, 2022

Thatcher’s energy secretary says Tory leadership contenders’ response to price spike ‘inadequate’

August 7, 2022
Facebook Twitter Instagram
  • Privacy Policy
  • Terms and Conditions
  • Contact
Sunday, August 7
Estonian Free PressEstonian Free Press
  • National Security
    • United States
    • United Kingdom
    • Europe
    • Estonia
    • Latvia
    • Lithuania
    • Moldova
    • Poland
    • Russia
    • Ukraine
  • Counterterrorism
  • Cybersecurity
  • Intelligence
en English
en Englishet Estonianlv Latvianlt Lithuanianpl Polishro Romanianru Russianuk Ukrainian
Trending
  • Beitnere-Le Galla pieņēmusi lēmumu nekandidēt Saeimas vēlēšanās ģimenes apstākļu dēļ
  • Unde activează fostul vicepremier pe Reintegrare, Vladislav Kulminski
  • Thatcher’s energy secretary says Tory leadership contenders’ response to price spike ‘inadequate’
  • Jos sau nu guvernarea? Expert: Vom vedea situația când vor fi proteste
  • Ce cadouri a primit prim-ministra de la diferiți oficiali
  • Beijing continuing to send warships, aircraft toward Taiwan after Pelosi visit
  • Thousands of infected blood victims to receive £100,000 compensation
  • Penny Mordaunt claims Liz Truss ‘misinterpreted’ after dismissing cost of living ‘handouts’
Subscribe
Facebook Twitter Instagram
Estonian Free PressEstonian Free Press
Home » US warned firms about Russia’s Kaspersky software day after invasion

US warned firms about Russia’s Kaspersky software day after invasion

April 1, 20224 Mins Read Cybersecurity
Share
Facebook Twitter LinkedIn Pinterest Email

The US government began privately warning some American companies the day after Russia invaded Ukraine that Moscow could manipulate software designed by Russian cybersecurity company Kaspersky to cause harm, according to a senior US official and two people familiar with the matter.

The classified briefings are part of Washington’s broader strategy to prepare providers of critical infrastructure such as water, telecoms and energy for potential Russian intrusions.

President Joe Biden said last week that sanctions imposed on Russia for its 24 February attack on Ukraine could result in a backlash, including cyber disruptions, but the White House did not offer specifics.

“The risk calculation has changed with the Ukraine conflict,” said the senior US official about Kaspersky’s software. “It has increased.”

Kaspersky, one of the cybersecurity industry’s most popular anti-virus software makers, is headquartered in Moscow and was founded by Eugene Kaspersky, who US officials describe as a former Russian intelligence officer.

A Kaspersky spokeswoman said in a statement that the briefings about purported risks of Kaspersky software would be “further damaging” to Kaspersky’s reputation “without giving the company the opportunity to respond directly to such concerns” and that it “is not appropriate or just.”

The senior US official said Kaspersky’s Russia-based staff could be coerced into providing or helping establish remote access into their customers’ computers by Russian law enforcement or intelligence agencies.

Eugene Kaspersky, according to his company website, graduated from the Institute of Cryptography, Telecommunications and Computer Science, which the Soviet KGB previously administered. The company spokeswoman said that Kaspersky worked as a “software engineer” during military service.

The Russian cybersecurity firm, which has an office in the United States, lists partnerships with Microsoft, Intel and IBM on its website. Microsoft declined to comment. Intel and IBM did not respond to requests for comment.

On 25 March the Federal Communications Commission added Kaspersky to its list of communications equipment and service providers deemed threats to US national security.

It is not the first time Washington has said Kaspersky could be influenced by the Kremlin.

The Trump administration spent months banning Kaspersky from government systems and warning numerous companies to not use the software in 2017 and 2018.

US security agencies conducted a series of similar cybersecurity briefings surrounding the Trump ban. The content of those meetings four years ago was comparable to the new briefings, said one of the people familiar with the matter.

Over the years, Kaspersky has consistently denied wrongdoing or any secret partnership with Russian intelligence.

It is unclear whether a specific incident or piece of new intelligence led to the security briefings. The senior official declined to comment on classified information.

Until now no US or allied intelligence agency has ever offered direct, public proof of a backdoor in Kaspersky software.

Following the Trump decision, Kaspersky opened a series of transparency centers, where it says partners can review its code to check for malicious activity. A company blog post at the time explained the goal was to build trust with customers after the US accusations.

But the US official said the transparency centers are not “even a fig leaf” because they do not address the US government’s concern.

“Moscow software engineers handle the [software] updates, that’s where the risk comes,” they said. “They can send malicious commands through the updaters and that comes from Russia.”

Cybersecurity experts say that because of how anti-virus software normally functions on computers where it is installed, it requires a deep level of control to discovery malware. This makes anti-virus software an inherently advantageous channel to conduct espionage.

In addition, Kaspersky’s products are also sometimes sold under white label sales agreements. This means the software can be packaged and renamed in commercial deals by information technology contractors, making their origin difficult to immediately determine.

While not referring to Kaspersky by name, Britain’s cybersecurity center on Tuesday said organizations providing services related to Ukraine or critical infrastructure should reconsider the risk associated with using Russian computer technology in their supply chains.

“We have no evidence that the Russian state intends to suborn Russian commercial products and services to cause damage to UK interests, but the absence of evidence is not evidence of absence,” the National Cyber Security Centre said in a blog post.

Russian antivirus software unreliable, Czech experts warn

The National Cyber and Information Security Agency has warned against Russian antivirus software as Russian companies targeted by EU sanctions can stop updating their programs at any time, leaving customers far more vulnerable to potential cyberattacks.

The agency rates the threat …

Share. Facebook Twitter Pinterest LinkedIn Tumblr Telegram Email

Articles Liés

U.K. National Health Service Hit by Cyber Attack

August 6, 2022 Cybersecurity

IPAWS Advisory: Emergency Alert System (EAS) Vulnerability

August 5, 2022 Cybersecurity

GAO Warns Coast Guard of IT and OT Cybersecurity Vulnerabilities

August 5, 2022 Cybersecurity

TMF Invests in Improving Public-Facing Services, Bolstering Cybersecurity

August 4, 2022 Cybersecurity

Bipartisan Legislation Aims to Protect Federal Data Centers from Extreme Weather, Cyber Attacks, and Other Disasters

August 2, 2022 Cybersecurity

HSToday Welcomes Bob Kolasky, Former Head of DHS National Risk Management Center, as Editorial Board Member and Columnist

August 1, 2022 Cybersecurity
Don't Miss
Moldova

Unde activează fostul vicepremier pe Reintegrare, Vladislav Kulminski

By woe whAugust 7, 20220

Fostul vicepremier pe Reintegrare, Vladislav Kulminski, are o nouă funcție. Acesta participă la inspectarea navelor…

Thatcher’s energy secretary says Tory leadership contenders’ response to price spike ‘inadequate’

August 7, 2022

Jos sau nu guvernarea? Expert: Vom vedea situația când vor fi proteste

August 7, 2022

Ce cadouri a primit prim-ministra de la diferiți oficiali

August 7, 2022
Stay In Touch
  • Facebook
  • Twitter
  • Pinterest
  • Instagram
  • YouTube
  • Vimeo
Our Picks

Thousands of infected blood victims to receive £100,000 compensation

August 7, 2022

Penny Mordaunt claims Liz Truss ‘misinterpreted’ after dismissing cost of living ‘handouts’

August 7, 2022

Liz Truss extends polling lead over Rishi Sunak in race for prime minister

August 7, 2022

China keeps up pressure on Taiwan with 4th day of drills

August 7, 2022

Subscribe to Updates

Get the latest National Security News directly to your inbox.

© 2022 Estonian Free Press. All rights reserved.
  • Privacy Policy
  • Terms and Conditions
  • Contact

Type above and press Enter to search. Press Esc to cancel.