Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Warns US Private Sector To Cut Ties With Kaspersky (cyberscoop.com)

Posted by EditorDavid on from the watching-in-Washington dept.

An anonymous reader quotes CyberScoop: The FBI has been briefing private sector companies on intelligence claiming to show that the Moscow-based cybersecurity company Kaspersky Lab is an unacceptable threat to national security, current and former senior U.S. officials familiar with the matter tell CyberScoop... The FBI's goal is to have U.S. firms push Kaspersky out of their systems as soon as possible or refrain from using them in new products or other efforts, the current and former officials say.

The FBI's counterintelligence section has been giving briefings since beginning of the year on a priority basis, prioritizing companies in the energy sector and those that use industrial control (ICS) and Supervisory Control and Data Acquisition (SCADA) systems. In light of successive cyberattacks against the electric grid in Ukraine, the FBI has focused on this sector due to the critical infrastructure designation assigned to it by the Department of Homeland Security... The U.S. government's actions come as Russia is engaged in its own push to stamp American tech giants like Microsoft out of that country's systems.
Meanwhile Bloomberg Businessweek claims to have seen emails which "show that Kaspersky Lab has maintained a much closer working relationship with Russia's main intelligence agency, the FSB, than it has publicly admitted" -- and that Kaspersky Lab "confirmed the emails are authentic."

Kaspersky Lab told ZDNet they have not confirmed the emails' authenticity. A representative for Kaspersky Lab says that the company does not have "inappropriate" ties with any government, adding that "the company does regularly work with governments and law enforcement agencies around the world with the sole purpose of fighting cybercrime."

10 of 173 comments (clear)

  1. Cum grano salis by sehlat · · Score: 5, Insightful

    Given that the FBI has repeatedly made it plain that they want unrestricted and owner-involuntary access to every piece of hardware on this planet, I'd take any cybersecurity recommendation they make with a grain of salt the size of the Benjamin Franklin.

    1. Re:Cum grano salis by fustakrakich · · Score: 4, Insightful

      Kaspersky can make a great advertising campaign out of this.

      *Banned in the US for refusing to whitelist government malware*

      --
      “He’s not deformed, he’s just drunk!”
    2. Re:Cum grano salis by Dracos · · Score: 2, Insightful

      Agreed. This sudden vendetta against Kaspersky suddenly feels less like they did something and more like they refused to do something the government wants.

    3. Re:Cum grano salis by green1 · · Score: 2, Insightful

      If you're an average citizen, you're far safer with a foreign power watching you than a domestic one. The foreign one is unlikely to be able to do anything about things they don't like.

      Now if you're the one who runs the domestic spy agencies that's a different story, but for the rest of us, I always assume someone's watching, I always just hope it's nobody who has any power over me.

  2. Better idea. by Gravis+Zero · · Score: 3, Insightful

    Cut all ties with Microsoft and you won't even need ties to Kaspersky Lab. We should all cut ties with Microsoft.

    --
    Anons need not reply. Questions end with a question mark.
  3. What would be inappropriate? by LeftCoastThinker · · Score: 5, Insightful

    Maybe the question to ask Kaspersky is what exactly would an inappropriate relationship with the FSB look like according to them? It seems like there is some pretty damning evidence that a bad actor state (Russia) has been working closely with Kaspersky in a way that violates the expectation of most of the free world. If Kaspersky is serious about clearing it's name, it should clearly define and limit it's relationship with the FSB and the Russian government. Unfortunately for Kaspersky, being based in Russia, a country without a constitution or bill of rights limits what they can actually back up with action, unless they shift the bulk of their organization out of Russia, and I don't see that happening.

    --
    If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
  4. Offers to see code by Tyrsal · · Score: 5, Insightful

    Considering Kaspersky has been distressed enough about this negative publicity to directly offer both the FBI and CIA access to it's source code and these offers have been rebuffed, I'm not exactly sold on anything the FBI has to say here as being anything more than a stunt

    1. Re:Offers to see code by chill · · Score: 4, Insightful

      Access to source code is meaningless. You need to be able to match it to the different binaries, otherwise how do you know what you're looking at is what is actually executed?

      With complex code that uses dynamic libraries, and is updated sometimes DAILY like anti-malware software is, there is no benefit from viewing source that you don't compile and maintain yourself.

      --
      Learning HOW to think is more important than learning WHAT to think.
  5. Whitelisting by detritus. · · Score: 3, Insightful

    It probably has more to do with AV definitions and white-listing than a willingness to hand over code. Not only does the US government probably feel Kaspersky could whitelist Russian malware/heuristics, they also can't strong arm a Russian company to white-list their own.

  6. Re:Democrats have been on this by johanw · · Score: 1, Insightful

    Kaspersky was the first to analyse some American attack virusses like Stuxnet and that has pissed the deep government agencies off.