Re: Russia Biggest Cybersecurity Firm Head Arrested For Trea
Posted: Tue Jul 11, 2017 10:38 am
Trump administration considering government-wide ban on popular Russian software
WATCHOfficials fear Russia could try to target US through Kaspersky Lab software
The Trump administration is on the verge of deciding whether to block all federal agencies from using products developed by a popular Russian cyber-security firm, which is under increasing scrutiny for alleged ties to Russian intelligence services, government sources familiar with the matter told ABC News.
A final decision could be made in the coming days over whether to strip the Moscow-based firm, Kaspersky Lab, from the General Services Administration's (GSA) list of outside vendors whose products are approved for use by government agencies, the sources said.
"That's a big move and is going to have some legal implications," one senior U.S. intelligence official told ABC News.
Removing Kaspersky Lab from the list -- known as the "GSA Schedule" -- would likely only impact future contracts, ABC News was told.
If the Trump administration does move to block government agencies from using the company's products, it would mark the most significant and far-reaching response yet to concerns among current U.S. officials that Russian intelligence services could try to exploit Kaspersky Lab's anti-virus software to steal and manipulate users' files, read private emails or attack critical infrastructure in the United States.
Classified Senate briefing expands to include Russian cyber firm under FBI scrutiny
Senate effort to ban Russian software on US military systems would have far-reaching impact, sources say
For weeks, the White House, Department of Homeland Security, GSA and other federal agencies have been conducting an "interagency review" of the matter, sources said.
The company has repeatedly insisted it poses no threat to U.S. customers and would never allow itself to be used as a tool of the Russian government.
Kaspersky Lab's CEO, Eugene Kaspersky, recently said any concerns about his company are based in "ungrounded speculation and all sorts of other made-up things," adding that he and his company "have no ties to any government, and we have never helped, nor will help, any government in the world with their cyber-espionage efforts."
Nevertheless, the FBI has been pressing ahead with a long-running counterintelligence probe of the company, and in June FBI agents interviewed about a dozen U.S.-based Kaspersky Lab employees at their homes, ABC News was told.
In addition, as ABC News reported in May, the Department of Homeland Security in February issued a secret report on the matter to other government agencies. And three months ago, the Senate Intelligence Committee sent a secret memorandum to Director of National Intelligence Dan Coats and Attorney General Jeff Sessions demanding that the Trump administration address "this important national security issue."
Despite all the private expressions of concern, the issue was first brought into public view by key members of the Senate Intelligence Committee, who began asking questions about Kaspersky Lab during recent hearings covering global threats to U.S. national security.
Lawmakers and other U.S. officials point to Kaspersky Lab executives with previous ties to Russian intelligence and military agencies as reason for concern.
Three weeks ago, Sen. Jeanne Shaheen, D-N.H., took legislative steps to ban the U.S. military from using Kaspersky Lab products.
There is "a consensus in Congress and among administration officials that Kaspersky Lab cannot be trusted to protect critical infrastructure," Jeanne Shaheen, a New Hampshire Democrat and key member of the Senate Armed Services Committee, said in a statement after introducing an amendment to a Pentagon spending bill.
Eugene Kaspersky called Shaheen’s move "an extreme new measure."
"Kaspersky Lab is facing one of the most serious challenges to its business yet, given that members of the U.S. government wrongly believe the company or I or both are somehow tied to the Russian government," he recently wrote on his blog. "Basically, it seems that because I'm a self-made entrepreneur who, due to my age and nationality, inevitably was educated during the Soviet era in Russia, they mistakenly conclude my company and I must be bosom buddies with the Russian intelligence agencies. ... Yes it is that absurdly ridiculous."
U.S. officials have yet to publicly present any evidence indicating concerning links between Kaspersky Lab employees and elements of the Russian government.
But one senior U.S. intelligence official said the fact that the U.S. government is considering the drastic step of removing Kaspersky Lab from the GSA's list of approved vendors shows that such concerns are "non-trivial."
A company lands on the list after hammering out deals with the GSA, which uses "the government's buying power to negotiate discounted pricing," according to the GSA.
Hundreds of "federal customers," and in some cases state and local governments, can then purchase the company's products without having to each negotiate their own prices, the GSA said in a 2015 brochure about its operations.
"The buying process is simplified because GSA has completed the bulk of the procurement process on behalf of government buyers," the brochure noted.
As of a few years ago, the information technology portion of the GSA Schedule accounted for more than $14 billion of the federal budget, the brochure said.
An ABC News investigation earlier this year found that -- largely through outside vendors -- Kaspersky Lab software has been procured by many federal agencies, including the U.S. Bureau of Prisons and some segments of the Defense Department.
Kaspersky Lab products are also used in countless American homes, and in state and local agencies across the country.
"[W]e've offered the U.S. government any assistance it might need to help clarify the ongoing confusion regarding the falsely perceived threat they wrongly believe our products and technologies pose," Eugene Kaspersky wrote on his blog. "We're even willing to meet with any of them and give them our source code to thoroughly review it, as we’ve got nothing to hide. We want the government, our users and the public to fully understand that having Russian roots does not make us guilty."
http://abcnews.go.com/US/trump-administ ... d=48559277
Kaspersky Lab Has Been Working With Russian Intelligence
Emails show the software-security maker developed products for the FSB and accompanied agents on raids.
By Jordan Robertson and Michael Riley
July 11, 2017, 4:00 AM CDT
ILLUSTRATION: KURT WOERPEL FOR BLOOMBERG BUSINESSWEEK
Russian cybersecurity company Kaspersky Lab boasts 400 million users worldwide. As many as 200 million may not know it. The huge reach of Kaspersky’s technology is partly the result of licensing agreements that allow customers to quietly embed the software in everything from firewalls to sensitive telecommunications equipment—none of which carry the Kaspersky name.
That success is starting to worry U.S. national security officials concerned about the company’s links to the Russian government. In early May six U.S. intelligence and law enforcement agency chiefs were asked in an open Senate hearing whether they’d let their networks use Kaspersky software, often found on Best Buy shelves. The answer was a unanimous and resounding no. The question, from Florida Republican Marco Rubio, came out of nowhere, often a sign a senator is trying to indirectly draw attention to something learned in classified briefings.
Eugene Kaspersky took to Reddit to respond. Claims about Kaspersky Lab’s ties to the Kremlin are “unfounded conspiracy theories” and “total BS,” the company’s boisterous, barrel-chested chief executive officer wrote. While the U.S. government hasn’t disclosed any evidence of the ties, internal company emails obtained by Bloomberg Businessweek show that Kaspersky Lab has maintained a much closer working relationship with Russia’s main intelligence agency, the FSB, than it has publicly admitted. It has developed security technology at the spy agency’s behest and worked on joint projects the CEO knew would be embarrassing if made public.
Most major cybersecurity companies maintain close ties to home governments, but the emails are at odds with Kaspersky Lab’s carefully controlled image of being free from Moscow’s influence. Kaspersky’s work with Russian intelligence could scare off business in Western Europe and the U.S., where Russian cyber operations have grown increasingly aggressive, including attempts to influence elections. Western Europe and the U.S. accounted for $374 million of the company’s $633 million in sales in 2016, according to researcher International Data Corp.
“When statements are taken out of context, anything can be manipulated to serve an agenda,” the company said in a statement. “Kaspersky Lab has always acknowledged that it provides appropriate products and services to governments around the world to protect those organizations from cyberthreats, but it does not have any unethical ties or affiliations with any government, including Russia.”
Antivirus companies are especially delicate because the products they make have access to every file on the computers they protect. The software also regularly communicates with the maker to receive updates, which security experts say could theoretically provide access to sensitive users such as government agencies, banks, and internet companies. Adding to the U.S. government’s jitters, Kaspersky recently has developed products designed to help run critical infrastructure such as power grids.
The previously unreported emails, from October 2009, are from a thread between Eugene Kaspersky and senior staff. In Russian, Kaspersky outlines a project undertaken in secret a year earlier “per a big request on the Lubyanka side,” a reference to the FSB offices. Kaspersky Lab confirmed the emails are authentic.
Kaspersky Lab CEO Eugene Kaspersky speaks at a plenary meeting titled “Cybersecurity in the Face of New Challenges and Threats,” part of the Finopolis 2016 forum of innovative financial technologies, in Kazan, Russia.PHOTOGRAPHER: GETTY IMAGES
The software that the CEO was referring to had the stated purpose of protecting clients, including the Russian government, from distributed denial-of-service (DDoS) attacks, but its scope went further. Kaspersky Lab would also cooperate with internet hosting companies to locate bad actors and block their attacks, while assisting with “active countermeasures,” a capability so sensitive that Kaspersky advised his staff to keep it secret.
“The project includes both technology to protect against attacks (filters) as well as interaction with the hosters (‘spreading’ of sacrifice) and active countermeasures (about which, we keep quiet) and so on,” Kaspersky wrote in one of the emails.
“Active countermeasures” is a term of art among security professionals, often referring to hacking the hackers, or shutting down their computers with malware or other tricks. In this case, Kaspersky may have been referring to something even more rare in the security world. A person familiar with the company’s anti-DDoS system says it’s made up of two parts. The first consists of traditional defensive techniques, including rerouting malicious traffic to servers that can harmlessly absorb it. The second part is more unusual: Kaspersky provides the FSB with real-time intelligence on the hackers’ location and sends experts to accompany the FSB and Russian police when they conduct raids. That’s what Kaspersky was referring to in the emails, says the person familiar with the system. They weren’t just hacking the hackers; they were banging down the doors.
The project lead was Kaspersky Lab’s chief legal officer, Igor Chekunov, a former policeman and KGB officer. Chekunov is the point man for technical support to the FSB and other Russian agencies, say three people familiar with his role, and that includes gathering identifying data from customers’ computers. One Kaspersky Lab employee who used to ride along with Russian agents on raids was Ruslan Stoyanov, whose technology underpinned the company’s anti-DDoS efforts, says the person familiar with the program. Stoyanov previously worked in the Interior Ministry’s cybercrime unit. In December he and a senior FSB cyber investigator were arrested on treason charges, adding a bizarre twist to the company’s relationship to the government. Kaspersky Lab has said the case involved allegations of wrongdoing before Stoyanov worked for the company. Stoyanov couldn’t be reached for comment.
In the emails, Kaspersky said the aim of the project for the FSB was to turn the anti-DDoS technology into a mass-market product for businesses. “In the future the project may become one of the items on the list of services that we provide to corporate customers,” he wrote. Kaspersky now sells its DDoS protection service to large companies, installing sensors directly inside customers’ networks. The company’s website contains a large red notice that it’s not available in the U.S. or Canada.
The U.S. government hasn’t identified any evidence connecting Kaspersky Lab to Russia’s spy agencies, even as it continues to turn up the heat. In June, FBI agents visited a number of the company’s U.S. employees at their homes, asking to whom they reported and how much guidance they received from Kaspersky’s Moscow headquarters. And a bill was introduced in Congress that would ban the U.S. military from using any Kaspersky products, with one senator calling ties between the company and the Kremlin “very alarming.” Russia’s communications minister promptly threatened sanctions if the measure passed.
Indeed, many in Russia see the anti-Kaspersky campaign as politics with a dash of protectionism. “This is quite useless to find any real evidence, any real cases where Kaspersky Lab would violate their privacy policies and transfer some data from U.S. customers, from U.S. enterprise clients, to Russian intelligence or FSB,” says Oleg Demidov, a consultant for researcher PIR Center in Moscow who studies Russian cyberattacks. “There are no such cases. At least, they are not publicly discussed.”
There’s another possibility, given Kaspersky Lab’s success at embedding its products in sensitive locations. Last year, Eugene Kaspersky announced the launch of the company’s secure operating system, KasperskyOS, designed to run systems that control electrical grids, factories, pipelines, and other critical infrastructure. The U.S. Defense Intelligence Agency reportedly circulated a warning that the product could let Russian government hackers disable those systems, a claim Kaspersky denied.
Fourteen years in development, Kaspersky Lab’s secure OS is designed to be easily adaptable for the internet of things, everything from web-connected cameras to cars. That could be a great business model for the Russian company. U.S. national security officials seem determined to make sure it isn’t. —With Carol Matlack
BOTTOM LINE - Kaspersky Lab’s ties to the Russian government may threaten its business in the U.S. and Western Europe, which account for almost 60 percent of its sales.
https://www.bloomberg.com/news/articles ... telligence








