US Government Weighing Sanctions Against Kaspersky Lab (cyberscoop.com) 99
An anonymous reader quotes a report from CyberScoop: The U.S. government is considering sanctions against Russian cybersecurity company Kaspersky Lab as part of a wider round of action carried out against the Russian government, according to U.S. intelligence officials familiar with the matter. The sanctions would be a considerable expansion and escalation of the U.S. government's actions against the company. Kaspersky, which has two ongoing lawsuits against the U.S. government, has been called "an unacceptable threat to national security" by numerous U.S. officials and lawmakers.
Officials told CyberScoop any additional action against Kaspersky would occur at the lawsuits' conclusion, which Kaspersky filed in response to a stipulation in the 2018 National Defense Authorization Act that bans its products from federal government networks. If the sanctions came to fruition, the company would be barred from operating in the U.S. and potentially even in U.S. allied countries.
Officials told CyberScoop any additional action against Kaspersky would occur at the lawsuits' conclusion, which Kaspersky filed in response to a stipulation in the 2018 National Defense Authorization Act that bans its products from federal government networks. If the sanctions came to fruition, the company would be barred from operating in the U.S. and potentially even in U.S. allied countries.
Re: (Score:2, Interesting)
I'll continue to use Kaspersky's antivirus because it's the best around and because if the the US government don't like them, then that must mean their shit is secure from the US government.
Re: (Score:2)
If the sanctions came to fruition, the company would be barred from operating in the U.S. and potentially even in U.S. allied countries.
Potentially, I suppose. If those allied countries agree, but plenty of those US allies are wary of the US' courts overreach.
Not my country though, if the CIA tell my government to jump they ask "how high?".
Re: (Score:1)
The bit that I thought was odd:
There's nothing odd about it.
Their election cheat has been exposed, they want to make sure the other guys can't use the same methods in the next round of elections.
Re: (Score:2)
Same here. And guess what, I use Kaspersky AV and it would be impossible for them to stop me (a private citizen) from using it. Sure, the government can ban the usage of the software in their own apparatus, but not in private homes.
Re: (Score:2)
Re: (Score:2)
Lo and behold, there is such a thing as Kaspersky Free Antivirus.
For working on (Score:5, Insightful)
Stuxnet
Flame
Equation Group https://en.wikipedia.org/wiki/... [wikipedia.org]
Android cyber-espionage used by 60 governments.
The internet needs all the security it can get. Why would the US not want quality global security research?
Re:For working on (Score:5, Interesting)
The answer is exceedingly self-evident: the US doesn't want research into its own malware.
and just for working... (Score:5, Interesting)
Yes, it is also clear that Kaspersky is the only major threat protection software that has not agreed to whitelist US government malware.
Have the US government realise that this is just a form of Striesand effect recommending Kaspersky to anyone who doesnt that the US to know their affairs?
Re: (Score:2)
Re: (Score:3)
Makes a user wonder what a lot of the other EU and US AV brands are doing that the US gov totally approves of?
They do what they must for a piece of that valuable US/EU/Five-Eyes market.
No different than US tech companies vis a vis China. Just look at how Google is assisting the Chinese government with it's digital tyranny over the population. Just a different authoritarian regime's security service to have to make happy in order to compete with the competition.
Strat
Re: (Score:2)
So no worried!
Did I say I approved?
I simply pointed out how amoral corporations view the markets and the government intelligence services related to them.
Go suck some more foreign cock Strat.
Not me, that's what the D.C. political elite in both parties do.
Strat
Not white-listing (Score:2)
US AV brands are doing that the US gov totally approves of?
They are not white-listing Russian malware ?
Same as EU vendors aren't white-listing Chinese malware ?
Slowly reaching the point where going the VirusTotal/MetaScan/etc. route is the best :
throw as many different AV engine at it, and hope that at least one of these engine won't have it on the whitelist mandated by their local government.
Re: and just for working... (Score:1, Informative)
Re: (Score:2)
Re:For working on (Score:5, Insightful)
Why would the US not want quality global security research?
Because Kasperky could detect the next US-government-sponsored malware. The other malware companies can be "convinced" to play nice.
why would the sanctions have to wait? (Score:2)
Re: (Score:3)
Because they have to judge the impacts.
When Trump threatened tariffs against steel/aluminium, Juncker in the EU being the absolute clueless corrupt prat he is made the same claim about waiting to see if it's worth applying sanctions against US brands like Harley Davidson and Levis.
Levis slipped off the list of possible companies a few days later, presumably because someone pointed out to him that sanctioning an American company that employs quite a few people in Europe (it has a factory in Italy, and stores
Re: Drone to death. (Score:3)
Moscow probably has a lot better air defences than our usual targets for military aggression.
Re: Drone to death. (Score:2)
All of my geopolitical rivals are drunken incompetents! No one is as cool as ME!
The Agenda (Score:5, Insightful)
It really seems to me that someone or someones high up in the U.S. govt really has it in for Kasperskey. Is that just my impression or does anyone else feel that way?
I would think that if the company actually had any malware in their security products it would have been detected by now. At the end of the day if they were doing Bad Guy Stuff then it would have to write Bad Guy Stuff either to local storage or onto the wire even if it is encrypted. There are a number of automated tools for detecting this both in a simulated environment (VM) and on real hardware.
Has there been any revealing of this kind of behavior that I missed? If not this seems like an awful lot of punishment in the absence of any crime.
So what's the motive here?
Re: The Agenda (Score:1)
One would think that if Kapersky software contained malware, the NSA could reveal it and kill the company with a single blow.
Re: (Score:1)
The agenda is that the mass media had made a huge anti Russia push because of Trump, and likely Kapersky are one of the few AV vendors they cannot get within their grasp to "whitelist" their spying tools or insert back doors to scan the public's PCs. Considering that no one independently has found anything wrong with Kapersky's software, that leans even more towards the prior agenda. If anything Kapersky might be one of the more trustworthy AVs to use cause god knows what all the other AVs have whitelisted
Re: The Agenda (Score:5, Interesting)
Always look at stuff from the professionally paranoid point of view (not an insult, gees they get cranky, just the nature of the job, you have to be professionally paranoid). The US governments wants to use entirely corrupt security letters to put back doors in security software sold to foreigners. Immediately they will suspect foreign governments of doing the same thing, the US does it, why wouldn't Russia or China do it. It has to be careful how it tackles this though, a blanket ban on foreign security software would generate a blanket ban on US security software and wipe out the security letters and back doors, mind you this includes stuff like M$ windows updates, which are now individually packaged, a specific user's computer get a specifically targeted update (only for high level hacks but will get caught if that computer is already being monitored by local intelligence agencies, change in traffic). It would be much cleaner to simply blanket ban all foreign security software and entirely reasonable to do so but the messy bit about US software being banned by foreign countries for exactly the same reason, forces this messy rubbish with Kaspersky. They will be banned one way or another, they will just have to accept that and the Russian government will ban US/EU security software for the same reason.
The only way out, open source the code and any updates and the updates must be served locally, only after the code for the update has been supplied and verified (so you can image open source security software becoming part of FOSS distributions to simplify the issue for everyone). Should the Russian government decide to be really mean, they can simply review copyright law and shorten copyright protection to 25 years from date of first publication and that will hurt the US by far the worst and many other NATO countries will also feel the brunt of that (UK/France). People would just source 60s, 70s and 80s content out of Russia (keep in mind, current movies demonstrate that music from those eras are much more popular than the autotune crap of the last couple decades and movie and TV series have similarly crapped out apart from the odd few exceptions). Of course China would join in, they are not really pleased with the US either and other partner countries would follow suit. So 2018 - 25 = 1993, so youch, makes the Kaspersky ban a joke in comparison and does not hurt Russia and China any where near as much as the US, a tiny fraction in comparison. US want's a trade war, it shouldn't be surprised 'when' it gets kicked in the copyright licence fee crown jewels, software as well. This US would lose far more in copyright licence fees than the entire rest of the world combined.
They can fend that off with a blanket ban on all foreign security software and simply not mention Russia or Kaspersky. Of course Russia and China could still simply extort 'er' bargain the 'Trump' way, to get greater cooperation from the US with the threat of the downward revision of copyright laws (originally 14 years, so very hard to diplomatically argue about 25 years but the money gone, wow, not just revenue but the valuation of assets, from billions to ZERO and that would also hurt the US dollar, a lot).
Re: (Score:3)
The issue is that it's security software with low level access to your system which is controlled by a company which is controlled by Putin. It may not have malware in it now, but of course it has mechanisms in place to enable the distribution of malware very quickly.
Re: (Score:2)
It doesn't need a backdoor. It is the backdoor. Every anti-virus program out there has automatic update functionality. Kaspersky installs by default with "Download and install updates automatically." enabled.... need I say more?
Re: (Score:1)
It really seems to me that someone or someones high up in the U.S. govt really has it in for Kasperskey. Is that just my impression or does anyone else feel that way?
I would think that if the company actually had any malware in their security products it would have been detected by now. At the end of the day if they were doing Bad Guy Stuff then it would have to write Bad Guy Stuff either to local storage or onto the wire even if it is encrypted. There are a number of automated tools for detecting this both in a simulated environment (VM) and on real hardware.
Has there been any revealing of this kind of behavior that I missed? If not this seems like an awful lot of punishment in the absence of any crime.
So what's the motive here?
That is not how sophisticated state owned malware works. They would not code in obvious malware like spyClass with method uploadSecretsToKGB(). They would bake in a very obscure security 0 day and just let their state sponsor know about it. When it eventually gets compromised it will be patched and they will act shocked. It would probably be a very miniscule security exploit that grants just enough access to compromise another app and then install the real malware payload. This is all assuming that the Russ
Re: (Score:3)
The problem for the USA and UK is that their gov/mil malware is regional and has to stay hidden.
When discovered the malware also has to look very average.
The UK wants to collect on every computer network in Ireland and all Irish supporters in the USA.
So subtle differences in gov malware only found in the wild in Ireland/USA would get detected by the more advanced AV brands.
The US wants collect it all but different cyber projects do not want to collect within the USA, 5
Re: (Score:2)
Yes. They aren't accused of having malware inside their product, but rather that their product sends back hashes of files found on the system. This is normal AV behavior, as they use the hashes to identify known good files from known bad.
However, the accusations were this, combined with the ability to send whole files up for cloud analysis, have been used by the Russian Gov't to identify classified material on U.S. systems and steal files.
While Kaspersky themselves claim no such activities, and that their u
Re: (Score:2)
[...] been used by the Russian Gov't to identify classified material on U.S. systems and steal files.
That would justify not allowing Kaspersky as antivirus on government machines that handle classified material. If they have allowed this before that would have been surprisingly stupid. Or does it work like that? "Hey, this machine handles classified data, so make sure to put an arbitrary, foreign anitivirus program on it." That would be stupid.
No, there is more to the story than meets the eye. Kaspersky's cloud service has uploaded NSA malware and they have analyzed it. That's why US authorities are so fur
Re: The Agenda (Score:1)
Re: (Score:2)
A surprise move stops foes dead! (Score:2)
In a politically-correct response, Kaspersky has a new name, which would have far reaching global consequences. They made the stunning announcement before the decision was made official in US courts with regards to the sanctions. A spokesman said that it is not a reaction to other politically charged news -- this was in their plans for two years they said. " We are now known as Kowalski Labs
Re: (Score:1)
Re: (Score:1)
Private sanctions (Score:2)
Re: (Score:1)
Re: (Score:2)
I trust the NSA, FISA, FBI and bulk collection about as far as I could throw them.
Re: (Score:1)
Re: Russia Too Agressive (Score:2)
Sorry but if questioning bulk collection, secret courts and the US spying on their own citizens makes me a 5th columnist, pass the borscht comrade. Wake up and read what started all of this too because We aren't the global arbiters of truth anymore.
Pompus twits like you who blindly follow along believing the US is beneficent and can do no wrong will be the death of our constitutional rights all because of terrorists and dem ruskies.
As someone who has just listed Kaspersky products (Score:2)
Re: (Score:1)
Meh. Trump admin will stop this (Score:2)
FUD (Score:2)
Kaspersky has worked to uncover some of the worst malware out there and I think that's at the root of this. Why? Because the US has lost some of its best tools for spying, hacking and infiltration because of their work. Does it bother me that they're based out of Russia? No. We still do a lot of business with the Russian gov't and that's what gets lost. Anybody remember the ISS? How do US astronauts get to/from it?
So okay, US Gov't show us your "evidence" show us what the NSA knows about Kaspersky in ter
What law did they break? (Score:2)
Cite a law or fuck off. Useless war mongering Senator....
Re: (Score:2)
If Isreali spies can infiltrate Kaspersky, it stands to reason that the Russian Federation would be able to have spies as well. Their corporate management doesn't necessarily have to have any ties to the Russian government, only that the employees that work there are easily accessible, such as the Kaspersky executives being arrested for treason. [arstechnica.com]
I'm pretty sure that in Russia, treason means anything they want it to mean so that you do what they want.