Global Weekly Executive Summary, 22 SEPT 2017
By MDL on September 29, 2017
Kaspersky Products Banned from US Federal Government Systems
The US Department of Homeland Security ordered a purge of all security products originating from Russian cybersecurity company Kaspersky Lab over national security concerns.
The US Department of Homeland Security (DHS) on 13 September “issued a Binding Operational Directive (BOD) directing Federal Executive Branch departments and agencies to take actions related to the use or presence of information security products, solutions, and services supplied directly or indirectly by AO Kaspersky Lab or related entities.”
Kaspersky Lab is headquartered in Moscow, although according to their USA Kaspersky website, “We are one of the world’s largest privately owned cybersecurity companies. We operate in 200 countries and territories and have 37 offices in 32 countries. Over 3,700 highly-qualified specialists work for Kaspersky Lab.” with “400 million users protected by our technologies and 270,000 corporate clients.”
DHS cites their priority to safeguard and ensure the integrity and security of federal information systems in their decision to issue the directive. This course of action was based on information security risks presented by the use of Kaspersky products on federal systems.
The security risks, according to the DHS statement, relate to the combination of factors– Kaspersky products provide access to user files and elevated privileges to systems, and the Moscow-based company may be vulnerable to Russian government influence leading to the compromise of US federal info systems.
Reasons given for BOD-17-01:
- Kaspersky Lab products/solutions provide broad access to files on systems and elevated privileges which could lead to compromise
- Concerned about the ties between Kaspersky Lab workers, Russian intelligence, and other Russian government agencies
- Concerned about requirements under Russian law that would allow Russian intelligence agencies to request or compel assistance from Kaspersky to intercept communications that transit Russian networks
- The risk that the Russian government may be able to use Kaspersky to gain access and compromise federal info systems would directly affect US national security.
BOD 17-01 Timeline:
- Within 30 days: Identify use/presence of Kaspersky products on federal government systems
- Within 60 days: Develop a detailed plan to remove/discontinue use of products
- Within 90 days: Begin to implement remove/discontinue plans
CEO and co-founder Eugene Kaspersky has accepted an invitation to testify before the House of Representatives Committee on Science, Space, and Technology to address US concerns. He continues to deny any ties to the Russian government and intelligence agencies and has repeatedly said that he would refuse to assist the Russian government with espionage.
No evidence of instances of data compromise related to Kaspersky products or collusion with the Russian government have been offered to the general public.
On Sept 8, electronics store Best Buy announced that it would be removing Kaspersky products from its stores and website.
Sources:
Department of Homeland Security, DHS Statement on the Issuance of Binding Operational Directive 17-01
Reuters, Kaspersky Lab co-founder accepts invitation to testify to U.S. Congress
New York Times, Kaspersky Lab Antivirus Software Is Ordered Off U.S. Government Computers
Washington Post, U.S. moves to ban Kaspersky software in federal agencies amid concerns of Russian espionage
-
Denmark Faces Largest Cybersecurity Incident to Date
Denmark Faces Largest Cybersecurity Incident to Date
12/8/2023 -
Defense Contractor, Japan Aviation Electronics, Falls Victim to a Cyber Attack
Defense Contractor, Japan Aviation Electronics, Falls Victim to a Cyber Attack
12/8/2023 -
North Korea Infiltrates Remote US Jobs to Fund Weapons
North Korea Infiltrates Remote US Jobs to Fund Weapons
11/2/2023