Exclusive: War in Ukraine prompts US to step up security probe into software maker Kaspersky

WASHINGTON, May 9 (Reuters) – The Biden administration stepped up a national security investigation into Russian antivirus software AO Kaspersky Lab earlier this year amid heightened fears of Russian cyberattacks after Moscow invaded Ukraine. , three people familiar with the matter told Reuters.

The case was referred to the Commerce Department by the Justice Department last year, a fourth person said, but the trade made little progress until the White House and others Administration officials are urging them to move forward in March, the three people added.

At issue is the risk that the Kremlin will use anti-virus software, which has privileged access to a computer’s systems, to steal sensitive information from US computers or tamper with it as tensions escalate between Moscow and the West. .

Access to the networks of federal contractors and operators of critical US infrastructure such as power grids is seen as of particular concern, the three people said.

US regulators have already banned federal use of Kaspersky software and could ultimately force the company to take action to reduce the risks posed by its products or ban Americans from using them altogether.

The previously unreported investigation shows that the administration is digging deep into its toolbox to hit Moscow with even its most obscure authorities in an effort to protect American citizens and businesses from Russian cyberattacks.

The authorities are “really the only tool we have to deal with the threat (posed by Kaspersky) on an economy-wide commercial basis, given our generally open market,” said Emily Kilcrease, a former Deputy Assistant to the United States Trade Representative.

Other regulatory powers do not allow the government to block private sector use of software made by the Moscow-based company, long seen by US officials as a serious threat to US national security.

The Commerce and Justice Departments, and Kaspersky declined to comment. The company has for years denied any wrongdoing or secret partnership with Russian intelligence.

AUTHORITIES TARGETING “FOREIGN OPPONENTS”

The enhanced investigation is being executed using sweeping new powers created by the Trump administration that allow the Commerce Department to prohibit or restrict transactions between U.S. companies and countries’ internet, telecommunications and technology companies. “foreign adversaries”, including Russia and China.

For Kaspersky, Commerce could use authorities to prohibit its use, the purchase of its software by US citizens, or prohibit the downloading of updates via a Federal Register regulation.

The tools are largely untested. Former President Donald Trump used them to try to stop Americans from using Chinese social media platforms TikTok and WeChat, but federal courts halted the moves.

A senior Justice Department official said last year that the agency was reviewing dozens of Russian companies, including “a known link between a particular company and Russian intelligence services”, to see if they posed a threat to the American supply chain. The department may refer some of the cases to Commerce for further action, then-assistant attorney general John Demers said at the time.

Reuters was unable to find out whether the companies reviewed included Kaspersky, which had estimated US revenue of $95.3 million in 2020 according to market research firm Gartner Inc, accounting for nearly 15% of its worldwide revenue that year.

It was unclear whether that figure included Kaspersky products sold by third parties under different brand names, a practice that generates confusion about the origin of the software, according to US national security officials.

In 2017, the Department of Homeland Security banned Kaspersky’s flagship antivirus product from federal networks, alleging ties to Russian intelligence and noting a Russian law that allows its intelligence agencies to demand Kaspersky’s help. and to intercept communications passing through Russian networks.

The perceived threat has taken on greater urgency since Russia’s February 24 invasion of Ukraine, which Moscow describes as a “special military operation”.

In March, German authorities warned that the Kremlin could coerce the Moscow-based firm into participating in cyberattacks, or that Russian government agents could covertly use its technology to launch cyberattacks without its knowledge. Read more

Kaspersky then said in a statement that it was a private company with no ties to the Russian government, and described the German warning as politically motivated.

Reuters reported that the US government began privately warning some US companies the day after Russia invaded Ukraine that Moscow may be manipulating Kaspersky-designed software to cause harm. Read more

The White House has asked the Treasury Department to prepare sanctions against the company, The Wall Street Journal reported last month, adding that some officials had pushed back over fears it would increase the risk of Russian cyberattacks.

Reporting by Alexandra Alper; Additional reporting by Christopher Bing, Raphael Satter and Karen Freifeld; Editing by Chris Sanders and Daniel Wallis

Our standards: The Thomson Reuters Trust Principles.