My Take On The US Kaspersky Ban


Unless you have been hibernating in the wilderness of Patagonia, you will know that the US government has banned Kaspersky’s security software from state computers and networks. Apparently, some apparatchik in the Department of Homeland Security has decided that there is a security hole in Kaspersky products that could be feeding data back to Russian security services. A spokesperson says: “The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks.”

Now, the cynic in me wonders whether this is a genuine security concern or a way of sidestepping the FBI’s investigation into Trump’s link with Russia.

Kaspersky Response

Unsurprisingly Kaspersky, which has supplied numerous international customers with superior security solutions for many years, is a bit put out. The company’s response was:

“No credible evidence has been presented publicly by anyone or any organization as the accusations are based on false allegations and inaccurate assumptions, including claims about the impact of Russian regulations and policies on the company.

“Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts, and it’s disconcerting that a private company can be considered guilty until proven innocent, due to geopolitical issues.”

Now, that cynic in me would think, they would say that, wouldn’t they. However, it appears that in a Foreign Policy article from August 2017, an anonymous senior intelligence official is quoted as saying that intelligence agencies have been looking for evidence of governmental interference or vulnerabilities in Kaspersky software “for years.” But they didn’t find anything.

Eugene Kaspersky’s Spy Links

To try and justify the ban, some people within the US government are majoring on Eugene Kaspersky’s links with Russian intelligence. Apparently, he served in a Russian cyber security department during his national service. Bearing in mind that when you point the finger at someone, there are three fingers pointing back at you, how many former CIA, FBI and NSA personnel have started their own businesses off the back of US government training?

If you believed that foreign governments had a back door to your PCs, smartphones etc, you would just throw them in the nearest skip. For starters, every iPhone in the world would be dumped because they are made in China.

Finding Back Doors

If the US government is worried that security software etc is pumping back data to hostile countries, then it is admitting it is nothing short of crap at security. Surely it has security personnel of sufficient quality to take software apart and spot if there is a conduit back to the Kremlin.

I am a Kaspersky user and unless someone can offer me irrefutable proof that my photographs from this year’s Greek island holiday are sitting on an FSB server then I shall continue to use it.

And, while we are casting aspersions towards governments, Google’s Manager of Information Security Heather Adkins believes the US NSA is a state-sponsored threat. She was talking at TechCrunch Disrupt, and a report on her views can be found on TechCrunch.

To summarise, I believe that the US government ban has more to do with trying to deflect Trump’s involvement in Russia than any real threat from Kaspersky. If the software is that suspect, why was it chosen to protect US government systems in the first place? Furthermore, when you consider the number of software licences held worldwide that are probably on personal PCs, the number of US government computers and networks using Kaspersky is virtually minimal.
