We are living through one of the most precarious moments in international relations of the last several years. Threats of commercial warfare, espionage, and sanctions are constantly threatening to polarize two major world powers — the United States and Russia — and embroil them in perpetual conflict.
This can no doubt have huge — and serious — consequences in the field of cybersecurity. We’ve already discussed this in our PandaLabs Predictions Report for 2017 when we singled out the growing ambition of governments to gather enormous quantities of data that could be valuable to their national interests. And the first of these cyber consequences has already had its effect.
After years of suspicion and months of investigations, on Wednesday the US government issued a ban on the use of Kaspersky cybersecurity software by federal agencies. The ban cites concerns stemming from Kaspersky’s potentially playing a role in cyberespionage activities sponsored by the Russian state.
The US Department of Homeland Security said in a statement that they are “concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies.” The statement continues, asserting that “the risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.”
“We’ve determined that [Kaspersky software] poses an unacceptable amount of risk based on our assessment,” said Christopher Krebs, a senior DHS official the National Protection and Programs Directorate.
Kaspersky denied the allegations, stating, “Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts, and it’s disconcerting that a private company can be considered guilty until proven innocent.” For now, the DHS is giving Kaspersky 90 days to prove that its products do not pose a security risk.
The Kremlin’s Backdoor
The US is clearly concerned about attacks targeting American institutions. Samuel Liles, Acting Director of the Cyber Division at the Department of Homeland Security (DHS), testified before the Senate Intelligence Committee that Russian government-backed hacking attacks targeted systems related to the presidential elections in more than twenty-one states.
The Congressional Intelligence Committee held a hearing to discuss the impact of Russia’s hacking of the 2016 presidential elections. It was there that Jeh Johnson, former DHS Secretary under the Obama administration, reiterated that Russian President Vladimir Putin had ordered the attack with the intention of influencing the outcome of the US presidential elections. He also asserted that they had failed to manipulate votes in these attacks.
During the Gartner Security & Risk Management Summit held in Washington in June, former CIA director John Brennan said the alleged alliance between the Russian government and cybercriminals to carry out Yahoo’s theft of accounts is only the tip of the iceberg, and that future cyberattacks by governments will follow this type of formula and become more frequent.
In the same summit, he confirmed that Russian intelligence services are not, strictly speaking, limited by any sort of laws, while US agencies are.
A global situation of this kind could hamper data sharing initiatives. And apparently, in light of recent statements made by the GSA suggesting that “a vulnerability exists with Kaspersky that could give the Kremlin backdoor access to the systems the company protects”, our predictions weren’t far off the mark.
And this is just the beginning. Last June, the Russian Minister of Communications, Nicolai Nikiforov, didn’t rule out the possibility of retaliating if the threat against Kaspersky were to persist.