US President Joe Biden’s administration launched a national security investigation into Russia’s AO Kaspersky Lab antivirus software earlier this year amid fears of a Russian cyberattack after Moscow invaded Ukraine, three people familiar with the matter told Reuters. told.
A fourth person said the case was referred to the Department of Commerce by the Justice Department last year, but that Commerce had made little progress on it until then. white House And other administration officials urged him to proceed in March, three people said.
The point is that the Kremlin could be using antivirus software, which has privileged access to computer systems, to steal or tamper with sensitive information from American computers as tensions rise between Moscow and the West.
The three people said access to networks of federal contractors and operators of critical US infrastructure such as the power grid are considered particularly concerning.
US regulators have already banned the use of the federal government Kaspersky software, and could eventually force the company to take measures to reduce the risks posed by its products or to prohibit Americans from using them altogether.
The investigation, which was not previously reported, shows that the administration is digging deep into its tool kit to protect American citizens and corporations with its most obscure officials to hit Moscow. Russian cyber attacks.
“Given our generally open market, the authorities are really the only tool we have to deal with the threat (presented by Kaspersky) of the economy’s broader commercial base,” said Emily Killcrease, a former deputy assistant US trade representative.
Other regulatory powers prevent the government from allowing private sector use of software made by the Moscow-headquartered company, which has long been seen by US officials as a serious threat to US national security.
The Department of Commerce and Justice, and Kaspersky declined to comment. The company has for years denied wrongdoing or any secret partnership with Russian intelligence.
Officials target ‘foreign adversaries’
The ramped-up investigation is being executed using sweeping new powers created by the Trump administration that require the Commerce Department to ban transactions between US firms and Internet, telecommunications and tech companies from “anti-foreign” countries, including Russia and China. or to prohibit.
As for Kaspersky, commerce can use authorities to ban its use, prohibit the purchase of its software by US citizens, or restrict the download of updates through a regulation in the Federal Register.
A top Justice Department official said last year that the agency was investigating dozens of Russian companies, including “a known link between a particular company and Russian intelligence services”, to see if they had broken the US supply chain. has threatened. The department may refer some cases to Commerce for further action, then-Assistant Attorney General John Demers said at the time.
According to market research firm Gartner Inc., Reuters could not know whether the companies under review included Kaspersky, which earned an estimated $95.3 million (about Rs 740 crore) in US revenue in 2020, which was about 15 percent of that year’s global revenue.
According to US national security officials, it was unclear whether that figure included Kaspersky products sold by third parties under different brandings, a practice that creates confusion about the origins of the software.
In 2017, the Department of Homeland Security banned Kaspersky’s flagship antivirus product from federal networks, alleging ties to Russian intelligence and noting a Russian law that compels its intelligence agencies to seek assistance from Kaspersky and Russian networks. Blocks transfer communications.
The perceived threat has taken on more urgency since Russia’s invasion of Ukraine on 24 February, which Moscow describes as a “special military operation”.
In March, German officials warned that the Kremlin could force the Moscow-based company to participate in a cyberattack, or that agents of the Russian government could covertly use its technology to launch cyberattacks without its knowledge. can.
Kaspersky said in a statement that it was a privately managed company with no ties to the Russian government, and called the German warning politically motivated.
Reuters has reported that a day after Russia invaded Ukraine, the US government began privately warning some US companies that Moscow could manipulate Kaspersky-designed software to cause harm.
The White House asked the Treasury Department to prepare sanctions against the company, the Wall Street Journal reported last month, saying some officials pushed back over concerns it could increase the risk of a Russian cyberattack.
© Thomson Reuters 2022