Kaspersky in Focus as US-Russia Cyber-Tensions Rise

The security software firm Kaspersky has become the focal point in an escalating conflict in cyberspace between the United States and Russia.
The Russian-based company has been accused of being a vehicle for hackers to steal security secrets from the US National Security Agency, and was banned by all American government agencies last month.
But it remains unclear if Kaspersky was part of a scheme or an unwilling accomplice in an espionage effort.
The software firm has argued it has no ties to any government and said in a recent statement it is simply “caught in the middle of a geopolitical fight.”
But the latest accusations highlight what some see as a simmering cyberwar between the two powers.
Related: The Increasing Effect of Geopolitics on Cybersecurity
“Currently, we’re losing,” said James Lewis, a fellow with the Washington-based Center for Strategic and International Studies.
“It’s not the kind of conflict we’re used to.”
The Kaspersky allegations come in the wake of an apparent Russian-led effort to manipulate social media and influence the 2016 US presidential election.
Russia has an advantage because “they have figured out how to use our civil liberties against us and there’s not much we can do about it,” Lewis said.
“We don’t have a group that does this kind of psychological warfare and we don’t have the legal authority to defend against it.”
Peter Singer, a New America Foundation strategist and author who has written on 21st century warfare, agreed that Russia is gaining ground in this cyber conflict.
“If it’s a ‘cyberwar,’ it is a akin to a Cold War-style back-and-forth of everything from stealing secrets to political influence operations,” Singer said. 
“Given that the Russians have so far got away with no real consequences for the biggest, most impactful operation, the hacks and influence campaign targeting the 2016 US election, I’d say they are doing pretty well.”
– Cat-and-mouse game –
网络安全法宣传推广视频 https://v.qq.com/x/page/p050493s0f5.html
But Gabriel Weimann, a professor at Israel’s University of Haifa and author who has written on cybersecurity, said it may be premature to declare Russia the winner.
“We don’t really know the achievements of NSA in monitoring the web, this kind of information is secret,” Weimann said.
“This is a cat-and-mouse game. You respond to breaking in and the other side responds and it becomes more dangerous and more sophisticated.”
On Tuesday, the New York Times reported that Israeli intelligence had hacked into the Kaspersky network and upon detecting the Russian intrusion, alerted the United States, which led to a decision last month for Kaspersky software to be removed from US government computers.
The online news site CyberScoop, citing anonymous sources, reported separately this week that Kaspersky as early as 2015 sought to promote its anti-virus software as a tool to track extremists in the Middle East.
The report said that some US officials were intrigued by the offer, but that technical members of the intelligence community interpreted this as meaning that Kaspersky’s anti-virus software could be used as a spying tool.
CyberScoop said that Russian officials from the FSB, the successor to the KGB, told US officials in 2015 not to interfere with Kaspersky software, a message that set off alarm bells.
The Wall Street Journal meanwhile reported that the Russian government was able to modify Kaspersky software to turn it into an espionage tool.
Anti-virus software such as those created by Kaspersky can become a tool for espionage because it scans and can access all files in a computer or network.
Eugene Kaspersky, founder of the company which bears his name, has long denied any connection to the Russian government but said on Twitter Monday he was launching an internal investigation into the latest allegations.
A company statement this week said, “Kaspersky Lab has never helped, nor will help, for any government in the world with its cyberespionage efforts, and contrary to erroneous reports, Kaspersky Lab software does not contain any undeclared capabilities such as backdoors as that would be illegal and unethical.”
Weimann said he believes Kaspersky was likely “piggybacked” by the Russian government for espionage rather than a willing participant.
Lewis agreed, saying Kaspersky is probably “an unwilling tool” in the Russian espionage effort.

不要在网吧、图书馆、学校、酒店等公众场合的电脑上输入个人机密信息,公司应该教育员工不要在未知的公共电脑上进行和公司相关的业务操作。
Lewis said that Eugene Kaspersky “would love to be (part of) a private company headquartered in London but the Russian government won’t let him.”
防人之心不可无,供应链或内部员工,每时每刻都可能将机密外漏给媒体狗仔队、商业分析师、竞争对手等等,而可以打探的渠道太多,没有单一的技术解决方案,所以要加强提升员工和供应商的安全保密意识教育。

猜您喜欢

人行兰州中支启用安全保卫监控中心提升安保水平
网络信息安全好歌曲
网络安全法实施宣传
红娘揭秘残酷法则:花几十万也难找好男人
CHERYBRASIL THELONDONPIANIST
一个信息安全动画小故事,随意丢弃损毁的U盘,被保洁员拾走,泄了密……