No proof Kaspersky tools used to breach US fed systems

By Dylan Bushell-Embling
Thursday, 16 November, 2017

An official from the US Department of Homeland Security has acknowledged that there is no proof that Kaspersky Lab antivirus software has been exploited to breach federal government information systems.

DHS Assistant Secretary for Cybersecurity and Communications Jeanette Manfra told a House of Representatives panel that the agency lacks conclusive evidence any systems have been breached, but said she wants to do a thorough review before reaching a final conclusion.

The House Science, Space and Technology Oversight Subcommittee held a hearing on federal government agency compliance with the recent direction to stop using all Kaspersky Lab products.

The directive cited concerns over a possible link between Kaspersky Lab and Russian intelligence or other government agencies and the ability of the antivirus products to provide broad access to files and privileged access to systems running the software.

Kaspersky Lab has strongly denied the allegations. But last month it was reported that Russian hackers had allegedly used the antivirus software to steal details of US National Security Agency (NSA) spying tools from an contractor storing highly classified data on a home system.

The house review also heard that around 15% of federal government agencies had Kaspersky Lab software running on some of their systems before the DHS ban.

But around 94% had met last month’s deadline to scan their systems for the software and start the removal process, with the remainder being very small agencies that will need DHS help to conduct the scan.

Manfra also revealed that DHS lawyers are reviewing a lengthy response sent by Kaspersky Lab to address the department’s concerns, but that the company’s offer to provide its source code for review by the US Government is not sufficient to alleviate the concerns.

She raised the possibility that Kaspersky Lab could sue the government over the ban but said DHS lawyers have assured her the ban is legally valid.

The White House has separately agreed to publish an annual report that will provide more transparency into decisions on whether to disclose newly discovered vulnerabilities or keep them to attempt to spy on foreign intelligence targets.

All new vulnerabilities discovered by US officials are submitted into a process known as the Vulnerabilities Equities Process. This process balances whether to disclose the information to the vendor or temporarily restrict knowledge so it can be used for national security or law enforcement purposes.

The annual report will include statistical information about VEP reviews as well as any changes to the board tasked with reviewing newly found vulnerabilities.

Pictured: Eugene Kaspersky, courtesy Kaspersky Lab.

Follow us and share on Twitter and Facebook