US Government Bans Agencies From Using Russian Cybersecurity Software Over Spying Fears

State governments have been using software as well

The US government has banned federal agencies from using Kaspersky Lab security software, a Russian company, over concerns it may be tied to state-sponsored espionage.

Acting Homeland Security Secretary Elaine Duke has issued a directive given at least six federal agencies a timeline to get rid of the software from government networks.

The move comes amid parallel investigations by Congress, and the FBI under Special Prosecutor Robert Mueller into Russian interference in the 2016 presidential election and potential ties between Donald Trump’s 2016 campaign team and Russian officials.

The agencies have 30 days to identify if they are using the software in question, 60 days to come up with a plan to uninstall it and find a replacement, and 90 days to actually begin uninstalling and replacing the Kaspersky software.

According to US officials not authorised to speak publicly about the matter, Ms Duke feels the company’s relationship with the Russian government poses a security threat to the US government – the Kremlin could access federal information through a backdoor.

In a statement accompanying its directive, the Department of Hiomeland Security said it was “concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks.”

It continued: “The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security.”

The department said it would provide Kaspersky with the opportunity to submit a written response to address the allegations. The agency said other entities claiming commercial interests affected by the directive could also submit information

R. David Edelman, who leads a cybersecurity project at MIT’s Internet Policy Research Initiative and Centre for International Studies, told The Independent that the move signals “the idea that we’re in a chilly period for U.S.-Russia relations, especially on cybersecurity matters.”

Mr Edelman points out that the General Services Administration, an independent federal agency tasked with handling the basic functions of government, had taken Kaspersky Lab software off its approved vendor and procurement list back in July 2017.

For its part, Kaspersky said in a statement that it has no ties to the Russian government.

Source: independent.co.uk
0 Comments