A new report claims the FBI has been meeting with companies to warn them of the threat posed by the cybersecurity firm Kaspersky Labs. In view of the cyberattacks that crippled Ukraine's power grid in 2016, the FBI has reportedly focused its briefings on companies in the energy sector. Although, it has also supposedly met with major tech firms as well.
The FBI’s goal seems to be to have U.S. firms push Kaspersky out of their systems the current and former officials say.
The FBI’s counterintelligence section has been giving briefings since beginning of the year on a priority basis, prioritizing companies in the energy sector and those that use industrial control (ICS) and Supervisory Control and Data Acquisition (SCADA) systems.
The revelations follow a wave of allegations against Kaspersky Lab by the US government. As recently as June, a draft version of a Senate bill proposed barring the Defense Department from doing business with the company. Then, in July, a Congressional panel ordered multiple government agencies to hand over their documents and communications about the cybersecurity software provider.
FBI officials also raise the issue of Russia’s increasingly expansive surveillance laws and what they charge is a distinct culture wherein powerful Russian intelligence agencies are easily able to reach into private sector firms like Kaspersky with little check on government power.
Of particular interest are the Yarovaya laws and the System for Operative Investigative Activities (SORM), among others, which mandate broad, legally vague and permissive Russian intelligence agency access to data moving inside Russia with retention periods extending to three years. Companies have little course to fight back. U.S officials point to the FSB, the KGB’s successor, as the cryptography regulator in Russia, and say it puts an office of active agents inside Russian companies.
In a statement released last month, the firm said: "Kaspersky Lab, and its executives, do not have inappropriate ties with any government." It's a stance the company has reiterated multiple times to no avail.
On the positive side – Kaspersky has been helpful in cleaning up infections from cyberattacks like NotPetya. Still, we urge caution in using the company’s products. It is unprecedented for the FBI to warn companies about a particular piece of software and there is no need to take the risk if you can find a viable alternative.
The best advice is to find a trusted advisor to help your company stay protected and while using quality, vetted hardware and software vendors.
A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York City; White Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.