US ramps up probe of Russian software maker Kaspersky
Fears the Kremlin could use the antivirus software to steal sensitive information from computers as tensions escalate between Moscow and the West
09 May 2022 - 14:06
byAlexandra Alper
Support our award-winning journalism. The Premium package (digital only) is R30 for the first month and thereafter you pay R129 p/m now ad-free for all subscribers.
Washington — The Biden administration ramped up a national security probe into Russia’s AO Kaspersky Lab antivirus software earlier this year amid heightened fears of Russian cyberattacks after Moscow invaded Ukraine, three people familiar with the matter told Reuters.
The case was referred to the Commerce Department by the Department of Justice last year, a fourth person said, but Commerce made little progress on it until the White House and other administration officials urged them to move forward in March, the three people added.
At issue is the risk that the Kremlin could use the antivirus software, which has privileged access to a computer’s systems, to steal sensitive information from American computers or tamper with them as tensions escalate between Moscow and the West.
Access to the networks of federal contractors and operators of critical US infrastructure such as power grids are seen as particularly concerning, the three people said.
US regulators have already banned federal government use of Kaspersky software, and could ultimately force the company to take measures to reduce risks posed by its products or prohibit Americans from using them altogether.
The probe, which has not previously been reported, shows the administration is digging deep into its tool kit to hit Moscow with even its most obscure authorities in a bid to protect US citizens and corporations from Russian cyber attacks.
The authorities are “really the only tool that we have to deal with the threat (posed by Kaspersky) on an economywide commercial basis, given our generally open market,” said Emily Kilcrease, a former deputy assistant US trade representative.
Other regulatory powers stop short of allowing the government to block private sector use of software made by the Moscow-headquartered company, long seen by US officials as a serious threat to US national security.
The departments of Commerce and Justice, and Kaspersky declined to comment. The company has for years denied wrongdoing or any secret partnership with Russian intelligence.
Authorities target ‘foreign adversaries’
The ramped-up probe is being executed using broad new powers created by the Trump administration that allow the Commerce Department to ban or restrict transactions between US firms and internet, telecom and tech companies from “foreign adversary” nations including Russia and China.
For Kaspersky, Commerce could use the authorities to ban its use, the purchase of its software by US citizens, or prohibit the download of updates via a regulation in the federal register.
The tools are largely untested. Former President Donald Trump used them to try to bar Americans from using Chinese social media platforms TikTok and WeChat, but federal courts halted the moves.
A top Justice Department official said last year that the agency was examining dozens of Russian companies, including “a known connection between a particular company and the Russian intelligence services,” to see whether they threatened the US supply chain. The department could refer some of the cases to Commerce for further action, then-assistant attorney-general John Demers said at the time.
Reuters could not learn whether the companies under review included Kaspersky, which made an estimated $95.3m (R1.5bn) in US revenue in 2020 according to market research firm Gartner accounting for nearly 15% of its global revenue that year.
It was not clear whether that figure included Kaspersky products sold by third parties under different branding, a practice which generates confusion about software's origin, according to US national security officials.
In 2017, the Department of Homeland Security banned Kaspersky’s flagship antivirus product from federal networks, alleging ties to Russian intelligence and noting a Russian law that lets its intelligence agencies compel assistance from Kaspersky and intercept communications transiting Russian networks.
The perceived threat has taken on greater urgency since Russia’s invasion of Ukraine on February 24, which Moscow describes as a “special military operation.”
In March, German authorities warned the Kremlin might coerce the Moscow-based company to participate in cyberattacks, or Russian government agents could clandestinely use its technology to launch cyberattacks without its knowledge.
Kaspersky said in a statement then that it was a privately-managed company with no ties to the Russian government, and described the German warning as politically motivated.
Reuters has reported that the US government began privately warning some American companies the day after Russia invaded Ukraine that Moscow could manipulate software designed by Kaspersky to cause harm.
The White House asked the Treasury Department to prepare sanctions against the company, the Wall Street Journal reported last month, adding that some officials pushed back out of concern it could increase the risk of Russian cyberattacks.
Support our award-winning journalism. The Premium package (digital only) is R30 for the first month and thereafter you pay R129 p/m now ad-free for all subscribers.
US ramps up probe of Russian software maker Kaspersky
Fears the Kremlin could use the antivirus software to steal sensitive information from computers as tensions escalate between Moscow and the West
Washington — The Biden administration ramped up a national security probe into Russia’s AO Kaspersky Lab antivirus software earlier this year amid heightened fears of Russian cyberattacks after Moscow invaded Ukraine, three people familiar with the matter told Reuters.
The case was referred to the Commerce Department by the Department of Justice last year, a fourth person said, but Commerce made little progress on it until the White House and other administration officials urged them to move forward in March, the three people added.
At issue is the risk that the Kremlin could use the antivirus software, which has privileged access to a computer’s systems, to steal sensitive information from American computers or tamper with them as tensions escalate between Moscow and the West.
Access to the networks of federal contractors and operators of critical US infrastructure such as power grids are seen as particularly concerning, the three people said.
US regulators have already banned federal government use of Kaspersky software, and could ultimately force the company to take measures to reduce risks posed by its products or prohibit Americans from using them altogether.
The probe, which has not previously been reported, shows the administration is digging deep into its tool kit to hit Moscow with even its most obscure authorities in a bid to protect US citizens and corporations from Russian cyber attacks.
The authorities are “really the only tool that we have to deal with the threat (posed by Kaspersky) on an economywide commercial basis, given our generally open market,” said Emily Kilcrease, a former deputy assistant US trade representative.
Other regulatory powers stop short of allowing the government to block private sector use of software made by the Moscow-headquartered company, long seen by US officials as a serious threat to US national security.
The departments of Commerce and Justice, and Kaspersky declined to comment. The company has for years denied wrongdoing or any secret partnership with Russian intelligence.
Authorities target ‘foreign adversaries’
The ramped-up probe is being executed using broad new powers created by the Trump administration that allow the Commerce Department to ban or restrict transactions between US firms and internet, telecom and tech companies from “foreign adversary” nations including Russia and China.
For Kaspersky, Commerce could use the authorities to ban its use, the purchase of its software by US citizens, or prohibit the download of updates via a regulation in the federal register.
The tools are largely untested. Former President Donald Trump used them to try to bar Americans from using Chinese social media platforms TikTok and WeChat, but federal courts halted the moves.
A top Justice Department official said last year that the agency was examining dozens of Russian companies, including “a known connection between a particular company and the Russian intelligence services,” to see whether they threatened the US supply chain. The department could refer some of the cases to Commerce for further action, then-assistant attorney-general John Demers said at the time.
Reuters could not learn whether the companies under review included Kaspersky, which made an estimated $95.3m (R1.5bn) in US revenue in 2020 according to market research firm Gartner accounting for nearly 15% of its global revenue that year.
It was not clear whether that figure included Kaspersky products sold by third parties under different branding, a practice which generates confusion about software's origin, according to US national security officials.
In 2017, the Department of Homeland Security banned Kaspersky’s flagship antivirus product from federal networks, alleging ties to Russian intelligence and noting a Russian law that lets its intelligence agencies compel assistance from Kaspersky and intercept communications transiting Russian networks.
The perceived threat has taken on greater urgency since Russia’s invasion of Ukraine on February 24, which Moscow describes as a “special military operation.”
In March, German authorities warned the Kremlin might coerce the Moscow-based company to participate in cyberattacks, or Russian government agents could clandestinely use its technology to launch cyberattacks without its knowledge.
Kaspersky said in a statement then that it was a privately-managed company with no ties to the Russian government, and described the German warning as politically motivated.
Reuters has reported that the US government began privately warning some American companies the day after Russia invaded Ukraine that Moscow could manipulate software designed by Kaspersky to cause harm.
The White House asked the Treasury Department to prepare sanctions against the company, the Wall Street Journal reported last month, adding that some officials pushed back out of concern it could increase the risk of Russian cyberattacks.
Reuters
Don’t be caught: the top digital scams in SA since lockdown started
GARITH PECK: Cyberattack pandemic hits companies as criminals slip through defences
TOBY SHAPSHAK: Cold War 2.0: set in cyberspace
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.
Most Read
Published by Arena Holdings and distributed with the Financial Mail on the last Thursday of every month except December and January.