Application security, Security Architecture, Threat Management, Supply chain, Risk Assessments/Management

Sources: US promptly warned about Kaspersky software threat

Reuters reports that the US government has held private briefings warning critical infrastructure organizations regarding the potential security risks of using Kaspersky software a day after Russia invaded Ukraine. "The risk calculation has changed with the Ukraine conflict. It has increased," said a senior US official familiar with the matter. The official added that Russia-based Kaspersky employees may be forced by Russian intelligence or law enforcement agencies into providing remote access to its clients, which include Microsoft, IBM, and Intel. The private briefings may be detrimental to the reputation of Kaspersky and "is not appropriate or just," according to a company spokesperson. Information about the private briefings comes a week after the Federal Communications Commission included Kaspersky on its list of vendors regarded as a threat to US national security. Meanwhile, the UK's National Cyber Security Centre has called on organizations to refrain from leveraging Russian technologies in their supply chain. "We have no evidence that the Russian state intends to suborn Russian commercial products and services to cause damage to UK interests, but the absence of evidence is not evidence of absence," said the NCSC.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.