US security chiefs target Russian antivirus company

Top US intelligence chiefs on Thursday publicly expressed doubts about the global cyber-security firm Kaspersky Labs because of its roots in Russia.   

Six leading intelligence officials told a Senate hearing on external threats to the United States of their concerns over the firm’s broad presence, without specifying any particular threat.    

Asked if he was aware of a security threat tied to Kaspersky software, Federal Bureau of Investigation acting director Andrew McCabe replied: “We are very concerned about it and we are focused on it very closely.”    

Defense Intelligence Agency director Lieutenant General Vincent Stewart said his agency is avoiding the company’s products.    

“There is, as well as I know, no Kaspersky software on our networks,” he said, adding that the agency’s private sector contractors are also steering clear.   

READ MORE: New cyberattacks on major banks thwarted, Russia says

The allegations against Kaspersky come amid heightened US concerns over Russian hacking after what intelligence chiefs say was a significant effort directed by Russian President Vladimir Putin to interfere with last year’s election.    

President Donald Trump’s former national security advisor Michael Flynn is under investigation for his links to Russia, which include being paid $11,250 to speak at a Kaspersky function.

Also indicating their concerns in brief were the heads of the Central Intelligence Agency, the National Security Agency, the National Geospatial Intelligence Agency, and the director of National Intelligence.    

“I am personally aware and involved as director of the National Security Agency in the Kaspersky Lab issue,” NSA head Mike Rogers said.  

Kaspersky was founded in Moscow in 1997 by Eugene Kaspersky, a computer engineer who served in the Russian military.    

The company quickly expanded to a global presence, with 3,600 employees, 400 million users of its software, and revenue of some $620m in 2015, according to its website.    

READ MORE: Russia charges cyber security experts with treason

Its antivirus programmes regularly rank in the top five of such software for personal and business computers.    

But US officials have expressed doubts over its recruitment of some staff with alleged links to Russian defence and intelligence bodies.    

Some worry it might offer Russian intelligence a secret backdoor into users’ computers. US officials are particularly worried that foreign hackers could penetrate US infrastructure via suspect software and malware.    

Kaspersky denied having ties to any government.    

“The company has never helped, nor will help, any government in the world with its cyber espionage efforts,” it said in a statement on Thursday.    

“Kaspersky Lab believes it is completely unacceptable that the company is being unjustly accused without any hard evidence to back up these false allegations.”  

READ MORE: Cybercrime robbers steal up to $1bn from global banks

Commenting on Reddit, Eugene Kaspersky also said his company had no links to the Russian government, offering to testify in the Senate.   

“I respectfully disagree with their opinion, and I’m very sorry these gentlemen can’t use the best software on the market because of political reasons,” he said, referring to the intelligence chiefs.           

Sean Kanuck, a former CIA officer who was the first US national intelligence officer for cyber issues, said the worries about Kaspersky have mainly come from US lawmakers who don’t understand that it gets paid by companies and US government agencies to have “front-door” access to their systems.  

“That means that any Congressional questions about ‘back doors’ in Kaspersky products reflect a certain naivete, because many of Kaspersky’s clients are intentionally paying for full-content monitoring on their networks.”