US Officials Are Warning About A Russian Cybersecurity Company's US Government Ties
Last edited Tue May 9, 2017, 03:42 AM - Edit history (4)
Source: BuzzFeed News
WASHINGTON, DC US intelligence officials are expressing concern over a Russian cybersecurity companys access to US government systems and pushing the General Services Administration for answers on how long it has been approved for use by US agencies.
Three US intelligence officials told BuzzFeed News they were concerned by what they categorized as a close relationship between the company, Kaspersky, and the Russian government, and what giving the company access to US government systems could mean. All of the officials who spoke with BuzzFeed News requested anonymity to discuss internal intelligence community conversations about Kaspersky.
A spokesperson for Kaspersky told BuzzFeed News that the company has no ties to any government, and the company has never helped, nor will help, any government in the world with its cyberespionage efforts. For 20 years, Kaspersky Lab has been focused on protecting people and organizations from cyberthreats, and its headquarters location doesnt change that mission--just as a U.S.-based cybersecurity company doesnt send or allow access to any sensitive data from its products to the U.S. government, Kaspersky Lab products also do not allow any access or provide any secret data to any countrys government. The concern over Kasperskys access to US government agencies comes amid rising alarm in Washington over the security of government systems, and the hacking of the DNC and Clinton campaign, which the intelligence community has blamed on Moscow.
The officials said that they had not seen any evidence linking Kaspersky to the Kremlins election operation, but said the concerns are, instead, stemming from broader concern over Russian meddling in US affairs.
Read more: https://www.buzzfeed.com/alimwatkins/us-officials-are-warning-about-a-russian-cybersecurity?utm_term=.vnAWyJLML#.jgpYB03Z3
The problem is obscured, according to the article, by contractors that work for the US government and subcontract work out to Kaspersky. And it gets worse: "Kaspersky software appears to be a 'licensed component of other cyber products' sold by other vendors in use by the US government."
ON EDIT: Here is an article I just found, about Kaspersky holding a competition for students from 19 universities in the US and the UK -- related to technology for DIGITAL VOTING SYSTEMS.
So America's best and brightest are being hooked up with Kaspersky while they're still in school. And they're working on voting machine software. Great.
https://blog.kaspersky.com/cybersecurity-case-study/13575/
[div class"excerpt"]Over the past few weeks, teams from 19 universities in the US and UK competed in Kaspersky Labs Cybersecurity Case Study Competition, hosted by The Economists Which MBA? site. The teams were challenged with a complex task:
Can technology play a greater positive role in democracy and the way people make important decisions about the future of their countries? With digital voting, a new wave of challenges rolls in: from guaranteeing the anonymity of voters to the prevention of fraud, all the while ensuring the security of the voting system itself. One small vulnerability or oversight could very well change the course of a nations history.
https://www.democraticunderground.com/10029033674
= new reply since forum marked as read
The article notes at the end -
That company was founded under Yeltsin and I wouldn't be surprised if it has been very much co-opted for use by the current President of Russia.
Both the NSA and the GCHQ heavily targeted the Russia-based antivirus company Kaspersky Lab, The Intercept reports, citing documents leaked by NSA whistleblower Edward Snowden.
Targeting antivirus software is highly strategic. Security products often run on operating systems using the highest of computer privileges. If attackers are able to exploit such softwares, it's possible for the hackers to do even more damage with the elevated control the software grants.
The new documents indicate the NSA was able to gain access to a trove of Kaspersky-specific information, including:
"Leaky" user information that was being transmitted through the company’s networks Private emails sent to the firm Lists of new malware that were flagged for Kaspersky
This sort of cyberespionage has become somewhat common, with governments trying to find vulnerabilities in security software and antivirus companies trying to discover state-led attacks. The report explains:
Spy agencies seem to be engaged in a digital game of cat and mouse with anti-virus software companies; the U.S. and U.K. have aggressively probed for weaknesses in software deployed by the companies, which have themselves exposed sophisticated state-sponsored malware.
<...>
http://www.businessinsider.com/snowden-documents-reveal-nsa-targeted-kaspersky-and-other-antivirus-companies-2015-6
especially if they already had a "company" that was expert in vulnerabilities and exploits.
It's just a mess. 
the public relations statement provided by a Russian company whose employee has just been accused of treason, and was led away with his head in a bag.
You're someone who knows something about computers, unlike me. We need people like you to work on this.
My fascination with the Internet and server security is just a hobby but maybe that's what makes it more obvious to me. I'm not prone to look the other way for the sake of the money or be controlled by the politics of it.
When have you ever had a better excuse to indulge your "hobby"?
There's also a Kaspersky connection to Snowden, but that's not my business... 
