US President Joe Biden’s administration earlier this year conducted a national security probe into Russian antivirus software AO Kaspersky Lab amid fears of Russian cyberattacks following Moscow’s invasion of Ukraine, three people familiar with the matter told Reuters.
The case was referred from the Justice Department to the Commerce Department last year, a fourth person said, but the trade made little headway until March when the White House and other administration officials asked it to move forward, the three people added.
It’s about the risk that the Kremlin could use antivirus software, which has privileged access to a computer’s systems, to steal confidential information from or tamper with American computers as tensions between Moscow and the West escalate.
Access to the networks of federal contractors and operators of critical US infrastructure, such as power grids, is considered of particular concern, the three people said.
US regulators have already banned the federal government’s use of Kaspersky software and could ultimately force the company to take steps to reduce the risks posed by its products, or ban Americans from using it altogether.
The previously unreported investigation shows the government is reaching deep into its toolbox to hit Moscow with even its most obscure authorities to protect US citizens and businesses from Russian cyberattacks.
Given our generally open marketplace, the authorities are “really the only tool we have to deal with the[Kaspersky]threat on an economy-wide commercial basis,” said Emily Kilcrease, a former deputy assistant US trade representative.
Other regulatory powers do not allow the government to block the private sector’s use of the Moscow-based company’s software, which US officials have long considered a serious threat to US national security.
The Departments of Commerce and Justice and Kaspersky declined to comment. The company has denied wrongdoing or a secret partnership with the Russian secret service for years.
Authorities target “foreign adversaries”.
The ramped-up investigation will be conducted using broad new powers created by the Trump administration, allowing the Commerce Department to conduct transactions between US firms and internet, telecom and technology companies from “foreign adversarial” nations, including Russia and China. to prohibit or restrict.
For Kaspersky, Commerce could use government agencies to ban its use, US citizens from buying its software, or ban updates from downloading via an ordinance in the Federal Register.
The tools are largely untested. Former US President Donald Trump used them to ban Americans from using Chinese social media platforms TikTok and WeChat, but federal courts stopped the moves.
A senior Justice Department official said last year the agency is investigating dozens of Russian companies, including “a known connection between a particular company and Russian intelligence agencies,” to determine if they threaten the US supply chain. The department could refer some of the cases to Commerce for further processing, then-Deputy Attorney General John Demers said.
Reuters was unable to learn whether the companies under investigation included Kaspersky, which market research firm Gartner Inc said was worth an estimated $95.3 million in 2020.
It was not clear if that number included Kaspersky products sold by third parties under different brands, a practice that US security officials say is causing confusion about the origin of the software.
In 2017, the Department of Homeland Security banned Kaspersky’s flagship antivirus product from federal networks, claiming ties to Russian intelligence and citing a Russian law that allows its intelligence agencies to enforce Kaspersky’s support and intercept communications on Russian networks.
The perceived threat has gained urgency since Russia’s February 24 invasion of Ukraine, which Moscow has described as a “military special operation.”
In March, German authorities warned that the Kremlin could force the Moscow-based company to engage in cyberattacks, or that Russian government agents could covertly use its technology to launch cyberattacks without its knowledge.
Kaspersky said in a statement at the time it was a privately held company with no ties to the Russian government, and called the German warning politically motivated.
Reuters reported that the day after Russia invaded Ukraine, the US government began privately warning some American companies that Moscow could tamper with software developed by Kaspersky to cause harm.
The White House asked the Treasury Department to prepare sanctions against the company, the Wall Street Journal reported last month, adding that some officials had backtracked over concerns it could increase the risk of Russian cyberattacks.
© Thomson Reuters 2022
https://gadgets360.com/telecom/news/us-security-probe-kaspersky-lab-russia-ukraine-war-cyberattack-2959899 The US is to beef up the Kaspersky security probe over fears of cyberattacks amid the ongoing Russia-Ukraine war