US intel chiefs express doubts about Kaspersky security software

WASHINGTON, DC - MAY 11: cting FBI Director Andrew McCabe (L) and Central Intelligence Agency Director Mike Pompeo (R) testify before the Senate Intelligence Committee with the other heads of the U.S. intelligence agencies in the Hart Senate Office Building on Capitol Hill May 11, 2017 in Washington, DC. The intelligence officials were questioned by the committee during the annual hearing about world wide threats to United States' security.

FBI’s acting director tells Senate his agency is ‘very concerned’ about the cybersecurity firm due its Russian origins.

Top US intelligence chiefs on Thursday publicly expressed doubts about the global cybersecurity firm Kaspersky Labs because of its roots in Russia.

Six leading intelligence officials told a Senate hearing on external threats to the United States of their concerns over the firm’s broad presence, without specifying any particular threat.

Asked if he was aware of a security threat tied to Kaspersky software, Federal Bureau of Investigation acting director Andrew McCabe replied: “We are very concerned about it and we are focused on it very closely.”

Defense Intelligence Agency director Lieutenant General Vincent Stewart said his agency is avoiding the company’s products.

“There is, as well as I know, no Kaspersky software on our networks,” he said, adding that the agency’s private sector contractors are also steering clear.

Also indicating their concerns in brief were the heads of the Central Intelligence Agency, the National Security Agency, the National Geospatial Intelligence Agency and the Director of National Intelligence.

“I am personally aware and involved as director of the National Security Agency in the Kaspersky Lab issue,” NSA head Mike Rogers said.

Kaspersky was founded in Moscow in 1997 by Eugene Kaspersky, a computer engineer who served in the Russian military.

The company quickly expanded to a global presence, with 3,600 employees, 400 million users of its software, and revenue of some $620 million in 2015, according to its website.

Its antivirus programs regularly rank in the top five of such software for personal and business computers.

But US officials have expressed doubts over its recruitment of some staff with alleged links to Russian defense and intelligence bodies.

Some worry that it might offer Russian intelligence a secret backdoor into users’s computers. US officials are particularly worried that foreign hackers could penetrate US infrastructure via suspect software and malware.

Kaspersky denied having ties to any government.

“The company has never helped, nor will help, any government in the world with its cyber espionage efforts,” it said in a statement Thursday.

“Kaspersky Lab believes it is completely unacceptable that the company is being unjustly accused without any hard evidence to back up these false allegations.”

Commenting on Reddit Thursday, Eugene Kaspersky also said his company had no links to the Russian government, offering to testify in the Senate.

“I respectfully disagree with their opinion, and I’m very sorry these gentlemen can’t use the best software on the market because of political reasons,” he said, referring to the intelligence chiefs.

Front-door access

The allegations against Kaspersky come amid heightened US concerns over Russian hacking after what intelligence chiefs say was a significant effort directed by Russian President Vladimir Putin to interfere with last year’s election.

President Donald Trump’s former national security advisor Michael Flynn is under investigation for his links to Russia, which include being paid $11,250 to speak at a Kaspersky function.

But Sean Kanuck, a former CIA officer who was the first US national intelligence officer for cyber issues, said the worries about Kaspersky have mainly come from US lawmakers who don’t understand that it gets paid by companies and US government agencies to have “front-door” access to their systems.

“That means that any Congressional questions about ‘back doors’ in Kaspersky products reflect a certain naivete, because many of Kaspersky’s clients are intentionally paying for full-content monitoring on their networks.”


Please enter your comment!
Please enter your name here

Questo sito usa Akismet per ridurre lo spam. Scopri come i tuoi dati vengono elaborati.