IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Where Are We with Kaspersky Software? Congress Wants to Know

The removal of the Russian-made software from federal systems was ordered in September, but now senators are circling back for more details.

(TNS) -- WASHINGTON — The top Democrat on the Senate homeland security committee wants to know how the elimination from government computers of a popular anti-virus software, whose maker has suspected ties to Russian intelligence, is being handled.

Sen. Claire McCaskill, D-Mo., the ranking Democrat on the Homeland Security and Governmental Affairs Committee, sought answers to nearly a dozen questions about the removal of products manufactured by Kaspersky Lab, a Russian company, in a letter Tuesday to Acting Homeland Security Secretary Elaine Duke.

Duke last month ordered all federal executive branch departments and agencies to remove Kaspersky software from their systems by mid-December.

Among other questions, McCaskill wants to know why the Department of Homeland Security waited so long. Several top national security officials warned the Senate Intelligence Committee last spring about the use of Kaspersky products.

McCaskill also asked Duke whether her department knows the full extent of Kaspersky use throughout the federal government; how it is ensuring that agencies are complying with her order; and what is it doing to make sure local and state governments that work with the federal government, as well as private businesses and government contractors, are aware of the concerns about Kaspersky software.

“Kaspersky products present a clear security threat to the U.S.,” McCaskill wrote.

Scott McConnell, a spokesman for the Homeland Security Department, declined to comment about the letter. The department has also declined to state how many federal agencies use Kaspersky products.

Spokesmen for several agencies that do use Kaspersky, including the National Institutes of Health and the Consumer Products Safety Commission, would only say that they are following the directives from the Homeland Security Department.

Though the Defense Department is not included under Duke’s order, a Pentagon spokesman told Nextgov that it was scrutinizing its software to ensure that Kaspersky was not employed in any military systems.

The concerns over the federal use of Kaspersky software has been growing and has reached a crescendo in recent months as the ongoing probes by Congress and special counsel Robert Mueller continue to dig into the role Russia played in the 2016 presidential election, and whether it colluded with President Donald Trump’s campaign to help him win.

Several former national security and intelligence officials have long been suspicious of the company, with 400 million users worldwide, given that its founder, Eugene Kaspersky, attended a school run by the KGB, the former Soviet spy agency, now succeeded by the Russian FSB. The company has repeatedly denied having any connections to Russian spy services.

McClatchy reported in July that documents appear to show a link between the company and the FSB. Given that Kaspersky software, which scans computer data to eliminate viruses, provides access to computers embedded with the software, there’s a nagging concern that Russian security services would gain access as well.

“If people aren’t concerned, they should be,” said Michael Sulmeyer, former director of Plans and Operations for Cyber Policy for the secretary of defense.

Sulmeyer is currently director of the Belfer Center Cyber Security Project Director at Harvard University’s Kennedy School. He and other cyber experts said removing Kasperksy might not be that simple. Just hitting “un-install” might not be enough.

“The more realistic scenario is that there will be a lot of manual work to determine where Kaspersky actually exists and the impact of removing those impacts would be,” said Trevor Rudolph, former chief of the Cyber and National Security Unit at the Office of Management and Budget. “For instance, if Kasperksy is the sole anti-malware on a particular device, if you were just to remove it, you would leave the device vulnerable,” unless you were going to immediately replace it with another software product, he said.

Paul Rosenzweig, a cyber expert and former assistant Homeland Security secretary for policy, quipped, “Changing anti-virus software is like changing your underwear.” But he also said that sophisticated cyber enterprises are complex and individualized systems.

“Any good anti-virus software … is tailored to the system it’s protecting,” Rosenzweig said. “The programming is deeply integrated and figuring out how to remove, and more importantly, replace is not a trivial exercise.”

Concerns over Kaspersky heightened recently when the Wall Street Journal reported that in 2015, the personal computer of a National Security Agency contractor who used the Russian software was compromised by Russian hackers. Eugene Kaspersky denied that his company was involved.

In addition, The New York Times reported earlier this month that Israeli alerted U.S. authorities two years ago that Russian hackers had breached computers around the world in a hunt for the code names of American intelligence efforts, and used Kaspersky software to gain access.

In an attempt to overcome the mistrust, Kaspersky this week said it would open up the source code of its software for review by computer security experts and government officials.

Sen. Jeanne Shaheen, D-N.H., whose measure to ban the use of Kaspersky software across the federal government passed the Senate last month, said agencies should leave “no proverbial stone unturned” in identifying and eliminating the Russian software.

“At the end of this process, there should be confidence that Kaspersky has been completely removed,” she said.

©2017 McClatchy Washington Bureau Distributed by Tribune Content Agency, LLC.

Special Projects
Sponsored Articles
  • How the State of Washington teamed with Deloitte to move to a Red Hat footprint within 100 days.
  • The State of Michigan’s Department of Technology, Management, and Budget (DTMB) reduced its application delivery times to get digital services to citizens faster.

  • Sponsored
    Like many governments worldwide, the City and County of Denver, Colorado, had to act quickly to respond to the COVID-19 pandemic. To support more than 15,000 employees working from home, the government sought to adapt its new collaboration tool, Microsoft Teams. By automating provisioning and scaling tasks with Red Hat Ansible Automation Platform, an agentless, human-readable automation tool, Denver supported 514% growth in Teams use and quickly launched a virtual emergency operations center (EOC) for government leaders to respond to the pandemic.
  • Sponsored
    Microsoft Teams quickly became the business application of choice as state and local governments raced to equip remote teams and maintain business continuity during the COVID-19 lockdown. But in the rush to deploy Teams, many organizations overlook, ignore or fail to anticipate some of the administrative hurdles to successful adoption. As more organizations have matured their use of Teams, a set of lessons learned has emerged to help agencies ensure a successful Teams rollout – or correct course on existing implementations.