Federal agencies have been ordered by the Department of Homeland Security to stop using cyber security software developed by the Russian firm Kaspersky Labs over fears of the firm's links to Russian intelligence, according to multiple reports.
"The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks," DHS said in a statement, according to NBC News. "The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security."
Last week Code and Dagger reported that Sen. Jeane Shaheen, D-N.H., suggested in The New York Times that classified intelligence supported suspicions of Kaspersky Labs. In late August, Robert Joyce, former head of the NSA's elite hacking unit and current White House cybersecurity coordinator, told CBS News he doesn't use Kaspersky products and would tell his family to avoid them as well.
"I worry that as a nation state Russia really hasn't done the right things for this country and they have a lot of control and latitude over the information that goes to companies in Russia. So I worry about that," Joyce said.
Eugene Kaspersky has denied the allegations and even offered to show the U.S. government the source code for his anti-virus products to prove his firm's innocence.
“If the United States needs, we can disclose the source code,” he told The Associated Press, adding that he was ready to testify before Congress if necessary. “Anything I can do to prove that we don’t behave maliciously I will do it.”
Speaking to Code and Dagger, a former senior U.S. intelligence official joked that he was "shocked! shocked!" at the allegations that Kaspersky was working with the Russian government. But the official noted that American cybersecurity companies cooperate from time to time with the U.S. government as well.
"The question is, under what circumstances?" he said.
[Like what you read? You can help support Code and Dagger by becoming a Patreon. Click here to learn how. You can also contact Code and Dagger with tips or questions at CodeAndDagger@protonmail.com.]