SoylentNews is people

posted by martyb on Thursday September 14, @09:48AM
from the prudence-or-paranoia? dept.

The Washington Post is reporting U.S. moves to ban Kaspersky software in federal agencies amid concerns of Russian espionage:

Acting Homeland Security secretary Elaine Duke ordered that Kaspersky Lab software be barred from federal civilian government networks, giving agencies a timeline to get rid of it, according to several officials familiar with the plan who were not authorized to speak publicly about it. Duke ordered the scrub on the grounds that the company has connections to the Russian government and its software poses a security risk.

[...] "The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security."

[...] The directive comes months after the federal General Services Administration, the agency in charge of government purchasing, removed Kaspersky from its list of approved vendors. In doing so, the GSA suggested a vulnerability exists in Kaspersky that could give the Kremlin backdoor access to the systems the company protects.

Someone that is in a position to know all about it tells me that Kaspersky doesn't detect malware created by the Russian Business Network. My fear is that if I named that someone, the RBN will give that someone a bad hair day.

[Ed. addition follows]

The full text of the DHS notice is available at https://www.dhs.gov/news/2017/09/13/dhs-statement-issuance-binding-operational-directive-17-01.

Previously:
FBI Reportedly Advising Companies to Ditch Kaspersky Apps.



Related Stories

FBI Reportedly Advising Companies to Ditch Kaspersky Apps 17 comments

Kaspersky Lab's tussle with the US government could have ramifications for its dealings with the private sector. A new report claims the FBI has been meeting with companies to warn them of the threat posed by the cybersecurity firm. The briefings are the latest chapter in an ongoing saga concerning the use of Kaspersky's products by government agencies. Officials claim the company is a Russian stooge that can't be trusted with protecting America's critical infrastructure. The company denies these claims -- its CEO Eugene Kaspersky has even offered up its source code in a bid to clear his firm's name.

It appears that olive branch went unnoticed. Throughout the year, the FBI has been meeting with US firms to convince them to remove Kaspersky Lab's tools from their systems, according to officials that spoke to CyberScoop. In view of the cyberattacks that crippled Ukraine's power grid in 2016, the FBI has reportedly focussed its briefings on companies in the energy sector. Although, it has also supposedly met with major tech firms too.

The law enforcement agency has apparently been sharing its threat assessment with the companies, including Kaspersky Lab's alleged deep ties with Russian intelligence. However, the meetings have reportedly yielded mixed results. Whereas firms in the energy sector have been quick to cooperate, tech giants have resisted taking swift action, claims CyberScoop.

Source: EnGadget



Kaspersky Lab and Lax Contractor Blamed for Russian Acquisition of NSA Tools 23 comments

According to unverifiable sources, an NSA contractor stored classified data and hacking tools on his home computer, which were made available to Russian hackers through the contractor's use of Kaspersky Lab anti-virus software:

Russian government-backed hackers stole highly classified U.S. cyber secrets in 2015 from the National Security Agency after a contractor put information on his home computer, two newspapers reported on Thursday.

As reported first by The Wall Street Journal, citing unidentified sources, the theft included information on penetrating foreign computer networks and protecting against cyber attacks and is likely to be viewed as one of the most significant security breaches to date.

In a later story, The Washington Post said the employee had worked at the NSA's Tailored Access Operations unit for elite hackers before he was fired in 2015.

[...] Citing unidentified sources, both the Journal and the Post also reported that the contractor used antivirus software from Moscow-based Kaspersky Lab, the company whose products were banned from U.S. government networks last month because of suspicions they help the Kremlin conduct espionage.

  • (Score: 5, Interesting) by Nerdfest on Thursday September 14, @10:06AM (9 children)

    by Nerdfest (80) Subscriber Badge on Thursday September 14, @10:06AM (#567714)

    I'm pretty sure I just read something about Kaspersky outing a series of FBI backdoors in a series of Microsoft products. If that's the case, it sounds like Kaspersky's a lot more concerned about actual security than the US government.

    • (Score: 4, Insightful) by bradley13 on Thursday September 14, @11:27AM (8 children)

      by bradley13 (3053) Subscriber Badge on Thursday September 14, @11:27AM (#567737) Homepage Journal

      Exactly. Pot, meet kettle. Kettle, meet pot.

      The US doesn't trust Kaspersky to not do the bidding of the Russian government. That's understandable.

      But then: the rest of us don't trust US companies not to do the bidding of the US government. Actually, with those lovely National Security Letters and the accompanying secret courts, even the US's own citizens can no longer trust the US government.

      --
      Everyone is somebody else's weirdo.
      • (Score: 5, Insightful) by c0lo on Thursday September 14, @01:12PM (5 children)

        by c0lo (156) Subscriber Badge on Thursday September 14, @01:12PM (#567767)

        even the US's own citizens can no longer trust the US government.

        If you trust any government at all, you are out of your mind.
        Even if one form or another of government is necessary, it is still a beast one needs to keep on a leash - the "eternal vigilance" and all that.

        • (Score: 0) by Anonymous Coward on Thursday September 14, @03:27PM (4 children)

          by Anonymous Coward on Thursday September 14, @03:27PM (#567844)

          How, exactly, would you go about performing this "eternal vigilance" you reference?

          • (Score: 2) by c0lo on Thursday September 14, @04:27PM

            by c0lo (156) Subscriber Badge on Thursday September 14, @04:27PM (#567891)

            Simple! Candle vigil in perpetuity!!

            (grin)

            (just in case you were asking seriously: start thinking, critically if possible, and don't stop. On a case-by-case basis, you'll find something. Especially if you don't expect those answers to be revealed to you as pre-digested solutions)

          • (Score: 2) by HiThere on Thursday September 14, @04:34PM (2 children)

            by HiThere (866) on Thursday September 14, @04:34PM (#567902)

            Well, you could re-read Patrick Henry and Thomas Paine...but keep in mind that Thomas Paine died in a French prison, and the US govt. didn't even ask that he be released.

            --
            Put not your faith in princes.
            • (Score: 2) by Grishnakh on Monday September 18, @06:29PM (1 child)

              by Grishnakh (2831) on Monday September 18, @06:29PM (#569838)

              Well, you could re-read Patrick Henry and Thomas Paine...but keep in mind that Thomas Paine died in a French prison, and the US govt. didn't even ask that he be released.

              Where the hell did you read that? The Wikipedia page on him [wikipedia.org] clearly says he died in New York City, many years after being released from prison in France. In fact, he didn't even spend a whole year there, though he did narrowly escape beheading because the gaoler screwed up with marking the door, and a few days later Robespierre was deposed and executed. As for the US government, he was disliked by the Federalists, but he was friends with President Jefferson, and returned to America upon Jefferson's invitation.

              • (Score: 2) by HiThere on Tuesday September 19, @01:51AM

                by HiThere (866) on Tuesday September 19, @01:51AM (#570009)

                I wouldn't accept Wikipedia as reliable, but a small bit of searching showed that you were correct. I'm not sure *where* I read the answer I repeated, but I won't use it again.

                OTOH, the basic message that you should remember you're likely to end up dead if you seriously fight the incumbent government remains true. I just need a more accurate example.

                --
                Put not your faith in princes.
      • (Score: 3, Interesting) by frojack on Thursday September 14, @11:09PM

        by frojack (1554) Subscriber Badge on Thursday September 14, @11:09PM (#568132) Journal

        If we assume Kaspersky doesn't detect Russian Malware, and American products don't detect US Government Malware, then running both of them might actually make sense.

        But it makes far more sense to just come out and ban Windows in any critical government system.

        On the other hand, as someone who used to spend lots of money on defective antivirus and anti-malware products, only to find that they did not detect or prevent a whole litany of NSA malware suites, where do I go to get my money back?

        --
        No, you are mistaken. I've always had this sig.
      • (Score: 2) by Grishnakh on Monday September 18, @06:15PM

        by Grishnakh (2831) on Monday September 18, @06:15PM (#569830)

        I'm pretty sure I just read something about Kaspersky outing a series of FBI backdoors in a series of Microsoft products. If that's the case, it sounds like Kaspersky's a lot more concerned about actual security than the US government.

        Wrong. Kaspersky has no interest in hiding US FBI backdoors, true, but they will hide Russian-government-sponsored backdoors. Correspondingly, US-made software will have no interest in hiding Russian-related backdoors, but absolutely will hide US-government-sponsored backdoors.

        The solution is simple: don't use Windows. You don't have to worry much about backdoors in Linux since it's an international and largely non-profit effort. Just stay away from Red Hat; Debian and its descendants are your best bet, or perhaps others like Arch, Gentoo, etc.

  • (Score: 2) by cubancigar11 on Thursday September 14, @10:37AM (3 children)

    by cubancigar11 (330) on Thursday September 14, @10:37AM (#567723) Homepage Journal

    Some time ago Kaspersky announced that it will release a free version of its anti-virus for the rest of the world. I want to know if they followed up on that promise, because I couldn't find any free version from outside of the USA.

    • (Score: 1) by anubi on Thursday September 14, @11:42AM (2 children)

      by anubi (2828) Subscriber Badge on Thursday September 14, @11:42AM (#567740)

      Anyone used the Kaspersky rescue disk? [kaspersky.com]

      ( Hat tip to an anonymous coward [soylentnews.org]. I really appreciated you posting your links. )

      --
      "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
      • (Score: 5, Informative) by nobu_the_bard on Thursday September 14, @01:08PM (1 child)

        by nobu_the_bard (6373) on Thursday September 14, @01:08PM (#567765)

        I have used the Rescue Disk in the past. It's okay but it's showing its age. It doesn't work on some newer stuff.

        Kaspersky's TDSSkiller has been a lifesaver but overall antivirus products are not as relevant as they used to be.

        If a system gets owned hard enough, it's way too hard to fix it sometimes - better to restore from backups and patch the vulnerability they used or just rebuild from scratch with patches applied.

        • (Score: 1) by anubi on Friday September 15, @05:00AM

          by anubi (2828) Subscriber Badge on Friday September 15, @05:00AM (#568289)

          Thanks for the reply.

          Second that on TDSSkiller. As for myself, I now make a new disk image backup with Clonezilla whenever I do a significant change in the OS, otherwise I do simple incremental backups for my specific user directory. I started doing that when I saw these "cryptolocker" type proggies going around. The external USB drives are so inexpensive these days that I buy a new drive to make the latest disk image onto, just so that if my latest backup is also corrupted, I have the ones before that were likely made before the malware got ingested.

          --
          "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
  • (Score: 3, Funny) by turgid on Thursday September 14, @11:03AM

    by turgid (4318) on Thursday September 14, @11:03AM (#567730) Journal

    That nice Mr Putin would like to offer free security software of finest Russian quality to all good citizens, businesses and institutions of formerly enemy countries as a gesture of goodwill and reconciliation. Rest assured that nice Mr Putin will be looking out for your safety and security 24 hours a day, every day from his secure nuclear bunker under the Kremlin. He encourages you to remove the duct tape from your webcams.

    --
    Don't let Righty keep you down.
  • (Score: 4, Insightful) by pTamok on Thursday September 14, @12:21PM (6 children)

    by pTamok (3042) on Thursday September 14, @12:21PM (#567751)

    Presumably, Russian anti-malware software will be diligent in recognising non-Russian malware; and USA-ian software will be diligent in seeking out non-USA-ian malware; so the solution would be to run both (probably in series, not in parallel) to give maximum protection. For the truly suspicious, use some other countries' software as well, and maybe run ClamAV [wikipedia.org], as it is open-source.

    • (Score: 0) by Anonymous Coward on Thursday September 14, @12:46PM (3 children)

      by Anonymous Coward on Thursday September 14, @12:46PM (#567759)

      According to the wiki they are owned by cisco

      • (Score: 2, Interesting) by pTamok on Thursday September 14, @02:18PM (2 children)

        by pTamok (3042) on Thursday September 14, @02:18PM (#567803)

        Being owned by Cisco is less of an issue when the software is FLOSS. Obviously Cisco could introduce subtle bugs, but it is more difficult when the users of ClamAV can compile from source rather than relying on pre-compiled binaries. This is not to say I think ClamAV is perfect - but it can be a useful addition to other (proprietary) approaches. Relying on it alone might be inadvisable. Using it as an adjunct to other malware detection software might be beneficial.

        • (Score: 0) by Anonymous Coward on Thursday September 14, @03:14PM (1 child)

          by Anonymous Coward on Thursday September 14, @03:14PM (#567839)

          While I agree that is better, it's kind of marginal since the Windows version is distributed in binary form, and who needs AV software the most and is least likely to have the skills necessary to check it? It's not like Linux (or any of the FOSS) people are out there doing code reviews of Windows projects.

          • (Score: 2) by Grishnakh on Monday September 18, @06:18PM

            by Grishnakh (2831) on Monday September 18, @06:18PM (#569831)

            it's not like Linux (or any of the FOSS) people are out there doing code reviews of Windows projects

            Exactly, and it'd be pointless anyway because the underlying OS is closed, secret, and proprietary, and well-known to be spying on you anyway. If you care at all about security and privacy, you wouldn't be running Windows in the first place, so you won't need antivirus software.

    • (Score: 4, Informative) by nobu_the_bard on Thursday September 14, @01:10PM (1 child)

      by nobu_the_bard (6373) on Thursday September 14, @01:10PM (#567766)

      ClamAV isn't too great, it's generally too far behind the curve for me. If you're using it for mail filtering though check into this: https://github.com/extremeshok/clamav-unofficial-sigs [github.com]

      It's the only reason ClamAV is worth bothering with on a mail system.

      • (Score: 1) by pTamok on Thursday September 14, @02:20PM

        by pTamok (3042) on Thursday September 14, @02:20PM (#567805)

        Thanks for that. I know ClamAV doesn't tick all the boxes, but as I said in another posting, it might be a useful addition to other malware detection software. It's free, and might be worth the time needed to set it up.

  • (Score: 5, Funny) by Runaway1956 on Thursday September 14, @03:04PM (1 child)

    by Runaway1956 (2926) Subscriber Badge on Thursday September 14, @03:04PM (#567829) Journal

    So, I was having problems with a Windows installation. I used McAfee to check things out, and I still had problems, just different ones. So, I used Microsoft's defender stuff, and it killed McAfee, but started spying on me. I grabbed Avast, which warned me about both McAfee and Microsoft DLL's and crap, but then, it started nagging all the time. On and on I went, until Kaspersky cleaned up the mess left by a dozen other security suites. NOW, you're telling me that Kaspersky reports to the Kremlin? Lemme see, what's next . . . . Panda? How about Panda? Does it report to the Chinese, or the Indians? I'm in security suite hell here!!

    /sarcasm
    You people know I don't run Winbloze!!

    --
    #Hillarygropedme
    • (Score: 1, Informative) by Anonymous Coward on Thursday September 14, @05:01PM

      by Anonymous Coward on Thursday September 14, @05:01PM (#567932)

      It's far worse than that. Panda Security is in Glendale, California.

  • (Score: 2) by bzipitidoo on Thursday September 14, @04:18PM (1 child)

    by bzipitidoo (4388) on Thursday September 14, @04:18PM (#567880) Journal

    For decades, the US government has expressed distrust of foreign products. They find it a convenient excuse to justify use of Windows rather than Linux. Windows is made by an American company and that supposedly makes it okay and safe from cyberespionage. Of course that's utter nonsense, but they eagerly run with that because what they really want is the user friendly OS.

    They are also afflicted with the religion that Microsoft being a for-profit company makes them and their products more reliable, shows that Microsoft is a good corporate, capitalist citizen that shares their values, unlike that Commie Linux OS.

    • (Score: 1) by anubi on Friday September 15, @05:09AM

      by anubi (2828) Subscriber Badge on Friday September 15, @05:09AM (#568297)

      I see Microsoft as the CIA stool pigeon.

      And it's not only Governments which are probing up the rear end.

      It's beautiful to look at, a dream to run, but I have a hard time trusting it.

      I have the same feeling about going to bed with a prostitute. I know from the start she's working for someone else. I'm just the john that will pay for her services.

      --
      "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]