US ‘Elevates Security Probe’ Into Kaspersky Lab

The US presidential administration reportedly elevated the priority of a national security probe into Moscow-based Kaspersky Lab earlier this year amidst heightened fears of cyber-attacks due to the conflict in the Ukraine.

The case involving Kaspersky was referred to the Commerce Department last year but the department made little progress until the White House and other administration officials urged it forward in March, soon after Russia began its invasion of Ukraine, Reuters reported, citing unnamed sources.

The investigation involves long-held concerns in the US and elsewhere that the privileged place held by antivirus software such as Kaspersky’s within computer systems could be exploited by hostile countries to carry out cyber-attacks, such as by stealing passwords or other critical information.

Infrastructure risk

In this case officials are particularly concerned about the possibility of attacks on government contractors and operators of critical US infrastructure, the report said.

Kaspersky software is already banned for use in the US federal government and further measures could force the company to make security-motivated changes to its practices or could ban the software entirely in the US.

The antivirus maker has repeatedly denied any wrongdoing or a secret partnership with Russian security services.

The latest probe is making use of new powers introduced under the previous US administration that allow the Commerce Department to ban or restrict transactions between US companies and internet, telecom and technology firms from “foreign adversary” nations including Russia and China.

The department could use these powers to ban use of Kaspersky software, its purchase by US citizens, or the download of updates.

‘Foreign adversary’

Former President Donald Trump used the measures to try to ban Americans from using Chinese social media platforms such as TikTok and WeChat, but the moves were halted in federal courts.

In 2017 the Department of Homeland Security banned Kaspersky antivirus from federal networks, alleging ties to Russian intelligence and saying that Russian law could allow intelligence agencies to compel assistance from Kaspersky.

The same year the UK’s National Cyber Security Centre (NCSC) warned government departments not to use antivirus products with links to Russia for systems related to national security and those which were “critically important”.

In March, following the Ukraine invasion, Germany’s cyber-security authority, the Federal Office for Information Security (BSI), issued an official warning against using Kaspersky products due to threats made by Russia’s President Vladimir Putin against the EU, NATO and Germany.

Sanctions

Kaspersky said in a statement it is a private company with no ties to the Russian government and said the German warning was politically motivated.

The US government began privately warning some American companies against Kaspersky software the day after Russia invaded Ukraine, Reuters reported.

The White House asked the Treasury Department to prepare sanctions against Kaspersky, the Wall Street Journal reported in April, adding that some US officials resisted the move out of the fear of provoking Russian cyberattacks.