Cybersecurity Firm With Ties to Russian Intel Protects 22 U.S. Government Agencies
Somehow the Moscow-based cybersecurity firm, Kaspersky which has been long suspected of being tied to Russian espionage, has been allowed to collect contracts with U.S. companies for the last two decades. But now U.S. intelligence agencies have caught on and have launched a massive probe on the firm.
In May, intelligence chiefs, including Adm. Mike Rogers, director of the National Security Agency and Cyber Command leader, said they were reviewing the firm.
Then five heads of five U.S. intelligence agencies agreed that they wouldn’t feel comfortable using Kaspersky products on their agency’s networks.
Kaspersky continues to deny having any ties to the Russian government and has said that it has not assisted the Kremlin with cyber espionage activities.
“Kaspersky Lab has no ties to any government, and the company has never helped, nor will help, any government in the world with its cyberespionage efforts. The company has a 20 year history in the IT security industry of always abiding by the highest ethical business practices and trustworthy development of technologies, and Kaspersky Lab believes it is completely unacceptable that the company is being unjustly accused without any hard evidence to back up these false allegations,” said Kaspersky in a statement to FCW.
This didn’t stop FBI agents from continuing its investigation. Agents went to the homes of U.S.-based Kaspersky employees to interview them as part of the investigation in June.
The committee put in place to investigate Kaspersky said it “is concerned that Kaspersky Lab is susceptible to manipulation by the Russian government, and that its products could be used as a tool for espionage, sabotage, or other nefarious activities against the United States.”
In early July, documents were found connecting the firm to a Russian spy agency.
“The documents are certifications issued to the company by the Russian Security Service, the spy agency known as the FSB,” writes the Chicago Tribune. “Unlike the stamped approvals the FSB routinely issues to companies seeking to operate in Russia, Kaspersky’s include an unusual feature: a military intelligence unit number matching that of an FSB program.”
“That strikes me as much more persuasive public evidence,” said Paul Rosenzweig, a former deputy secretary for policy at the Department of Homeland Security. “It makes it far more likely that much of the rumor and uncertainty about Kaspersky are true.”
At the end of July, the U.S. congressional panel requested that 22 government agencies, that have worked with Kaspersky in the past, to share documents on the firm.
The U.S. House of Representatives Committee on Science, Space and Technology believes it is investigating the firm’s products for allegedly carrying out “nefarious activities against the United States.”
The committee wants all Kaspersky lab documents dating back to January 1, 2013, and lists consisting of any contractors or subcontractors that used Kaspersky products.
The firm has now been removed from the federal government’s approved list of vendors.
Both the General Services Administration and NASA’s Solutions for Enterprise-Wide Procurement have officially removed Kaspersky from their list.
“GSA’s priorities are to ensure the integrity and security of U.S. government systems and networks and evaluate products and services available on our contracts using supply chain risk management processes,” said the GSA spokesperson to FCW.
“NASA has collaborated and coordinated with [the Office of Management and Budget], GSA and other government agencies on the removal of Kaspersky Lab products from the SEWP contracts,” said Joanne Woytek, NASA SEWP program manager.
China also even black listed Kaspersky back in 2014.
Author’s note: Even if Kaspersky wasn’t knowingly giving the Russian government access to U.S. government networks and information, Russia intelligence services are in full control of Russia’s networks. How did the Obama administration let the firm get so many government contracts?
Editor’s note: Do security people in government agencies really have to be told that a security software company in a hostile dictatorship is cooperating with their intelligence services? Another area where the Obama Administration doesn’t give a crap about U.S. security and secrets. It is sad how much damage was done to America during his tenure.