JAKARTA - The United States government began warning several American companies the day after Russia invaded Ukraine, February 24. They claim that Moscow can manipulate software designed by Russian cybersecurity firm Kaspersky to cause harm.
The secret briefing is part of Washington's broader strategy to prepare critical infrastructure providers such as water, telecommunications and energy for potential Russian interference.
US President Joe Biden said last week that sanctions imposed on Russia for its February 24 actions against Ukraine could result in a retaliatory strike. This includes cyber intrusion, but the White House did not provide specifics.
"The calculation of risk has changed with the Ukraine conflict," a senior US official said of Kaspersky software, as quoted by Reuters. "It's been increasing."
Kaspersky, one of the most popular anti-virus software makers in the cybersecurity industry, headquartered in Moscow and founded by Eugene Kaspersky. The Kaspersky founder is described by the US official as a former Russian intelligence officer.
A Kaspersky spokesperson said in a statement that a briefing about the purported risks of Kaspersky software would "further damage" Kaspersky's reputation "without giving the company the opportunity to respond directly to the concern" and that it was "inappropriate or fair."
The senior US official said Kaspersky staff based in Russia could be forced to provide or help establish remote access to their customers' computers by law enforcement or Russian intelligence services.
Eugene Kaspersky, according to his company's website, graduated from the Institute of Cryptography, Telecommunications and Computer Science, formerly run by the Soviet KGB. A company spokesman said Kaspersky worked as a "software engineer" during his military service.
The Russian cybersecurity company, which has offices in the United States, lists partnerships with Microsoft, Intel and IBM on its website. Microsoft declined to comment. Intel and IBM did not respond to requests for comment.
On March 25, the Federal Communications Commission added Kaspersky to its list of providers of communications equipment and services deemed a threat to US national security.
This is not the first time Washington has said Kaspersky could be influenced by the Kremlin.
The administration of US President Donald Trump, has spent months banning Kaspersky from government systems and warned companies against using the software in 2017 and 2018.
The US Security Agency conducted a series of similar cybersecurity briefings around Trump's ban. The content of the meeting four years ago was comparable to a recent briefing, according to a source in the US administration.
Over the years, Kaspersky has consistently denied any wrongdoing or any covert partnership with Russian intelligence.
Following the Trump administration's decision, Kaspersky has finally opened a series of transparency centers. They state that their partners can review the code to check for malicious activity. A company blog post at the time explained its aim was to build trust with customers after allegations emerged from the US.
But the US official said transparency centers were not a viable solution because they did not address the interests of the US government.
"Moscow software engineers handle [software] updates, that's where the risk comes in," they said. "They can send malicious commands through the updater and it comes from Russia."
Cybersecurity experts say that due to the normal way anti-virus software works on the computer it is installed on, it requires a deep level of control to detect malware. This makes anti-virus software an inherently profitable channel for espionage.
In addition, Kaspersky products are also sometimes sold under white label sales agreements. This means the software can be packaged and renamed in a commercial agreement by an information technology contractor. This makes their origins difficult to trace.
While not naming Kaspersky, the UK cybersecurity center on Tuesday also said organizations providing Ukraine-related services or critical infrastructure should reconsider the risks associated with using Russian computer technology in their supply chains.
"We have no evidence that the Russian state intends to provide Russian commercial products and services to cause harm to UK interests, but the absence of evidence is not evidence of absence," the National Center for Cybersecurity said in a blog post.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
