Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

US warned firms about Russia’s Kaspersky software

Reprints
Kaspersky

(Reuters) – The U.S. government began privately warning some American companies the day after Russia invaded Ukraine that Moscow could manipulate software designed by Russian cybersecurity company Kaspersky to cause harm, according to a senior U.S. official and two people familiar with the matter.

The classified briefings are part of Washington's broader strategy to prepare providers of critical infrastructure such as water, telecoms and energy for potential Russian intrusions.

President Joe Biden said last week that sanctions imposed on Russia for its Feb. 24 attack on Ukraine could result in a backlash, including cyber disruptions, but the White House did not offer specifics.

"The risk calculation has changed with the Ukraine conflict," said the senior U.S. official about Kaspersky's software. "It has increased."

Kaspersky, one of the cybersecurity industry's most popular anti-virus software makers, is headquartered in Moscow and was founded by Eugene Kaspersky, who U.S. officials describe as a former Russian intelligence officer.

A Kaspersky spokeswoman said in a statement that the briefings about purported risks of Kaspersky software would be "further damaging" to Kaspersky’s reputation "without giving the company the opportunity to respond directly to such concerns" and that it "is not appropriate or just."

The senior U.S. official said Kaspersky's Russia-based staff could be coerced into providing or helping establish remote access into their customers' computers by Russian law enforcement or intelligence agencies.

Eugene Kaspersky, according to his company website, graduated from the Institute of Cryptography, Telecommunications and Computer Science, which the Soviet KGB previously administered. The company spokeswoman said that Kaspersky worked as a "software engineer" during military service.

The Russian cybersecurity firm, which has an office in the United States, lists partnerships with Microsoft, Intel and IBM on its website. Microsoft declined to comment. Intel and IBM did not respond to requests for comment. In addition, Kaspersky's products are also sometimes sold under white-label sales agreements. This means the software can be packaged and renamed in commercial deals by information technology contractors, making their origin difficult to immediately determine.

While not referring to Kaspersky by name, Britain's cybersecurity center on Tuesday said organizations providing services related to Ukraine or critical infrastructure should reconsider the risk associated with using Russian computer technology in their supply chains.

"We have no evidence that the Russian state intends to suborn Russian commercial products and services to cause damage to UK interests, but the absence of evidence is not evidence of absence," the National Cyber Security Centre said in a blog post.

 

 

 

Read Next