The Russian Company That Is a Danger to Our Security

[TecMan]

The Russian Company That Is a Danger to Our Security
By JEANNE SHAHEEN SEPT. 4, 2017

 

The Kremlin hacked our presidential election, is waging a cyberwar against our NATO allies and is probing opportunities to use similar tactics against democracies worldwide. Why then are federal agencies, local and state governments and millions of Americans unwittingly inviting this threat into their cyber networks and secure spaces?

 

That threat is posed by antivirus and security software products created by Kaspersky Lab, a Moscow-based company with extensive ties to Russian intelligence. To close this alarming national security vulnerability, I am advancing bipartisan legislation to prohibit the federal government from using Kaspersky Lab software.

 

Kaspersky Lab insists that it has “no inappropriate ties with any government.” The company’s products, which are readily available at big-box American retailers, have more than 400 million users around the globe. And it provides security services to major government agencies, including the Department of State, the National Institutes of Health and, reportedly, the Department of Defense.

 

But at a public hearing of the Senate Intelligence Committee in May, six top intelligence officials, including the heads of the F.B.I., C.I.A. and National Security Agency, were asked if they would be comfortable with Kaspersky Lab software on their agencies’ computers. Each answered with an unequivocal no. I cannot disclose the classified assessments that prompted the intelligence chiefs’ response. But it is unacceptable to ignore questions about Kaspersky Lab because the answers are shielded in classified materials. Fortunately, there is ample publicly available information to help Americans understand the reasons Congress has serious doubts about the company.

 

The firm’s billionaire founder, Eugene Kaspersky, graduated from the elite cryptology institute of the K.G.B., the Soviet Union’s main intelligence service, and was a software engineer for Soviet military intelligence. He vehemently dismisses concerns that his company assists Russia’s intelligence agencies with cyberespionage and claims that he is the target of Cold War-style conspiracy theories. But Kaspersky Lab has Bloomberg recently reported on emails from October 2009 in which Mr. Kaspersky directs his staff to work on a secret project “per a big request on the Lubyanka side,” a reference to the F.S.B.’s Moscow offices. The McClatchy news service uncovered records of the official certification of Kaspersky Lab by Russian military intelligence, which experts in this field call “persuasive public evidence” of the company’s links to the Russian government.

 

The challenge to United States national security grew last year when the company launched a proprietary operating system designed for electrical grids, pipelines, telecommunications networks and other critical infrastructure. The Defense Intelligence Agency recently warned American companies that this software could enable Russian government hackers to shut down critical systems.

 

Beyond the evidence of direct links between Mr. Kaspersky and the Russian government, we cannot ignore the indirect links inherent in doing business in the Russia of President Vladimir Putin, where oligarchs and tycoons have no choice but to cooperate with the Kremlin. Steve Hall, former C.I.A. station chief in Moscow, told a reporter: “These guys’ families, their well-being, everything they have is in Russia.” He added that he had no doubt that Kaspersky Lab “could be, if it’s not already, under the control of Putin.”

 

The technical attributes of antivirus software amplify the dangers from Kaspersky Lab. Mr. Kaspersky might be correct when he says that his antivirus software does not contain a “backdoor”: code that deliberately allows access to vulnerable information.

 

But a backdoor is not necessary. When a user installs Kaspersky Lab software, the company gets an all-access pass to every corner of a user’s computer network, including all applications, files and emails. And because Kaspersky’s servers are in Russia, sensitive United States data is constantly cycled through a hostile country. Under Russian laws and according to Kaspersky Lab’s certification by the F.S.B., the company is required to assist the spy agency in its operations, and the F.S.B. can assign agency officers to work at the company. Russian law requires telecommunications service providers such as Kaspersky Lab to install communications interception equipment that allows the F.S.B. to monitor all of a company’s data transmissions.

 

The Senate Armed Services Committee in June adopted my measure to prohibit the Department of Defense from using Kaspersky Lab software, to limit fallout from what I fear is already a huge breach of national security data. When broad defense legislation comes before the Senate in the weeks ahead, I hope to amend it to ban Kaspersky software from all of the federal government.

 

Americans were outraged by Russia’s interference in our presidential election, but a wider threat is Russia’s doctrine of hybrid warfare, which includes cybersabotage of critical American infrastructure from nuclear plants to electrical grids. Kaspersky Lab, with an active presence in millions of computer systems in the United States, is capable of playing a powerful role in such an assault. It’s time to put a stop to this threat to our national security.

 

 

https://www.nytimes.com/2017/09/04/opinion/kapersky-russia-cybersecurity.html

 

 

[knowledge-Spammer]

https://www.nytimes.com/2017/09/04/opinion/kapersky-russia-c…nion-c-col-right-region&WT.nav=opinion-c-col-right-region&_r=0

not working

[straycat19]

26 minutes ago, knowledge said:

https://www.nytimes.com/2017/09/04/opinion/kapersky-russia-c…nion-c-col-right-region&WT.nav=opinion-c-col-right-region&_r=0

not working

 

Correct link is

https://www.nytimes.com/2017/09/04/opinion/kapersky-russia-cybersecurity.html

 

Notice it is an OPINION article, not something actually being reported.  And everyone knows the old saying about opinions, they are like assholes, everyone has one and they are all different.

[tao]

A relevant joke:

 

All the organs of the body were having a meeting, trying to decide who was the one in charge.
"I should be in charge," said the brain, "Because I run all the body's systems, so without me nothing would happen."
"I should be in charge," said the blood, "Because I circulate oxygen all over so without me you'd all waste away."
"I should be in charge," said the stomach," Because I process food and give all of you energy."
"I should be in charge," said the legs, "because I carry the body wherever it needs to go."
"I should be in charge," said the eyes, "Because I allow the body to see where it goes."
"I should be in charge," said the rectum, "Because I'm responsible for waste removal."
All the other body parts laughed at the rectum and insulted him, so in a huff, he shut down tight.
Within a few days, the brain had a terrible headache, the stomach was bloated, the legs got wobbly, the eyes got watery, and the blood was toxic. They all decided that the rectum should be the boss.
The moral of the story? Even though the others do all the work... the @$$hole is usually in charge.

From < here >

 

[capt_blake]

I personally trust more those 2 security researchers (and a couple of others I follow on Twitter; and they are unanimous on what this oped is - "bs")...Really strangely stupid article.
Someone got paid to coin it.
..The NatSec of the USA seems going down fast (that's not good).
 

 

 

 

[Holmes]

I agree this article is trash kaspersky is awesome.

[DKT27]

There we go again. Time and again I have said we are not political site. Still members think anyone writing an political opinion, hiding it under the name of technology and spreading it as news is fine.

 

Still, I have to maintain, that this opinion, even if political in nature, is in interest of our site as it's a technology site. But, still, this is not news. So with some exceptions, I'm moving this thread to The Chat Bar. I will have to close it if people keep fighting over it.

 

No matter which side you are on. I think everyone would agree, politics these days has been creeping in too much into technology. Which is not in the best interest of it.

[tao]

When was  technology (and Science -- yes, even Science) free of politics (and pure)?

[DKT27]

16 minutes ago, adi said:

When was  technology (and Science -- yes, even Science) free of politics (and pure)?

 

It is not. But I'm talking about national / international politics. You do not think about such type of politics when you talk about a download manager or a graphics card for that matter.

 

Also, ultimately, the aim is that the community should not be divided. We are grown ups that in most cases have grown over the AMD vs Intel and AMD vs nVidia arguments. But we somehow are not able to discuss national / international politics without most getting angry at each other, dividing the community with some times even leading to abuses between the members here.

[tao]

Have you noticed [that] most politics (international, national, or local) is practiced by "grown ups" -- and not children?

 

And  another definition of "grown ups" is [that] they do not let politics (or other such matters) divide them.

 

(And they do this by facing and dealing with it rather than (forcefully) avoiding and even going as far as banning it.  )

 

[freeforever03]

21 hours ago, adi said:

Funny but true!! Nice post.

 

A relevant joke:

 

All the organs of the body were having a meeting, trying to decide who was the one in charge.
"I should be in charge," said the brain, "Because I run all the body's systems, so without me nothing would happen."
"I should be in charge," said the blood, "Because I circulate oxygen all over so without me you'd all waste away."
"I should be in charge," said the stomach," Because I process food and give all of you energy."
"I should be in charge," said the legs, "because I carry the body wherever it needs to go."
"I should be in charge," said the eyes, "Because I allow the body to see where it goes."
"I should be in charge," said the rectum, "Because I'm responsible for waste removal."
All the other body parts laughed at the rectum and insulted him, so in a huff, he shut down tight.
Within a few days, the brain had a terrible headache, the stomach was bloated, the legs got wobbly, the eyes got watery, and the blood was toxic. They all decided that the rectum should be the boss.
The moral of the story? Even though the others do all the work... the @$$hole is usually in charge.

From < here >

 

 

[ThumperZ1]

The fact is, year after year, Kaspersky has proven to be the best antivirus product on the market.

[jtmulc]

13 hours ago, ThumperZ1 said:

The fact is, year after year, Kaspersky has proven to be the best antivirus product on the market.

 

[puts on tinfoil hat]

For decades I've wondered if security software companies pay virus and malware authors to create problems that they can sell products to protect against.

[I4rg£8all8ag]

Kaspersky is awesome, fact... That's not to say it couldn't be a medium used for "black things". The two can go together and don't have to be separate. ✌

[nIGHT]

...and I thought this was a legit news but  instead just an opinion.

 

[DKT27]

On 9/6/2017 at 5:38 PM, adi said:

Have you noticed [that] most politics (international, national, or local) is practiced by "grown ups" -- and not children?

 

And  another definition of "grown ups" is [that] they do not let politics (or other such matters) divide them.

 

(And they do this by facing and dealing with it rather than (forcefully) avoiding and even going as far as banning it.  )

 

 

The children have no problem in arguing with others, then after that they have no problems patching up with others too. But it's the adults that, once divided, are least willing to let go of their stand and anger against others if and whenever required.

 

11 hours ago, jtmulc said:

 

[puts on tinfoil hat]

For decades I've wondered if security software companies pay virus and malware authors to create problems that they can sell products to protect against.

 

There have been some reports about this. There has been a strong belief in the hacking community from decades that not one, but multiple AVs have themselves manufactured badware so they can sell their own AV. But in the these times, I doubt it's easy to get away doing so.

[pc71520]

On 6/9/2017 at 8:46 PM, ThumperZ1 said:

The fact is, year after year,

Kaspersky has proven to be the best antivirus product in the market.

I second that.