US Government Weighing Sanctions Against Kaspersky Lab

Posted by BeauHD from the retaliatory-actions dept.
An anonymous reader quotes a report from CyberScoop: The U.S. government is considering sanctions against Russian cybersecurity company Kaspersky Lab as part of a wider round of action carried out against the Russian government, according to U.S. intelligence officials familiar with the matter. The sanctions would be a considerable expansion and escalation of the U.S. government's actions against the company. Kaspersky, which has two ongoing lawsuits against the U.S. government, has been called "an unacceptable threat to national security" by numerous U.S. officials and lawmakers.

Officials told CyberScoop any additional action against Kaspersky would occur at the lawsuits' conclusion, which Kaspersky filed in response to a stipulation in the 2018 National Defense Authorization Act that bans its products from federal government networks. If the sanctions came to fruition, the company would be barred from operating in the U.S. and potentially even in U.S. allied countries.

  • For working on (Score:5, Insightful)

    by AHuxley ( 892839 ) on Monday April 23, 2018 @08:26PM (#56491767) Journal
    https://en.wikipedia.org/wiki/... [wikipedia.org]
    Stuxnet
    Flame
    Equation Group https://en.wikipedia.org/wiki/... [wikipedia.org]
    Android cyber-espionage used by 60 governments.

    The internet needs all the security it can get. Why would the US not want quality global security research?

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      The answer is exceedingly self-evident: the US doesn't want research into its own malware.

      • Yes, it is also clear that Kaspersky is the only major threat protection software that has not agreed to whitelist US government malware.

        Have the US government realise that this is just a form of Striesand effect recommending Kaspersky to anyone who doesnt that the US to know their affairs?

        • Re: (Score:2)

          by AHuxley ( 892839 )
          Makes a user wonder what a lot of the other EU and US AV brands are doing that the US gov totally approves of?

    • Re: (Score:2)

      by Jahoda ( 2715225 )
      Well, I guess maybe that is something that Kaspersky needs to take up with the "government" of Russia, no? It seems unfortunate for them to be so harshly judged, but nonetheless, here we are. I guess that is what happens when you try to conduct a business from within an authoritarian mafia-state kleptocracy.
  • Sanctions, as such, are political acts. They don't have to comport with independent legal proceedings.

  • It really seems to me that someone or someones high up in the U.S. govt really has it in for Kasperskey. Is that just my impression or does anyone else feel that way?

    I would think that if the company actually had any malware in their security products it would have been detected by now. At the end of the day if they were doing Bad Guy Stuff then it would have to write Bad Guy Stuff either to local storage or onto the wire even if it is encrypted. There are a number of automated tools for detecting this

    • One would think that if Kapersky software contained malware, the NSA could reveal it and kill the company with a single blow.

    • Re: (Score:2)

      by AHuxley ( 892839 )
      Re "So what's the motive here?"

      The problem for the USA and UK is that their gov/mil malware is regional and has to stay hidden.
      When discovered the malware also has to look very average.
      The UK wants to collect on every computer network in Ireland and all Irish supporters in the USA.

      So subtle differences in gov malware only found in the wild in Ireland/USA would get detected by the more advanced AV brands.

      The US wants collect it all but different cyber projects do not want to collect within the USA, 5

    • Re: (Score:2)

      by chill ( 34294 )

      Yes. They aren't accused of having malware inside their product, but rather that their product sends back hashes of files found on the system. This is normal AV behavior, as they use the hashes to identify known good files from known bad.

      However, the accusations were this, combined with the ability to send whole files up for cloud analysis, have been used by the Russian Gov't to identify classified material on U.S. systems and steal files.

