Quantcast
Channel: iTWire - Entertainment
Viewing all articles
Browse latest Browse all 4710

DHS official says no proof Kaspersky software used for breaches

$
0
0
DHS official says no proof Kaspersky software used for breaches

A senior cyber security official at the US Department of Homeland Security has told a Congressional panel that she has yet to see any proof that software made by Kaspersky Lab has been exploited to infiltrate US government systems.

Testifying on Tuesday, Jeanette Manfra, the DHS assistant secretary for cyber security and communications, said: "We do not currently have evidence, conclusive evidence, that they have been breached."

She added that she wanted to do a thorough review before reaching a final conclusion.

The hearing, before the House Science, Space and Technology Oversight Subcommittee, was examining whether US Government agencies are falling in line with a directive that all federal agencies must check to see if they have Kaspersky software on their systems and get rid of it.

{loadposition sam08}The head of Kaspersky Lab, Eugene Kaspersky, was issued an invitation to testify before the panel on 27 September but his appearance was apparently cancelled. No date has been set for him to appear after that.

manfra

Jeannette Manfra testifying before the House Science, Space and Technology Oversight Subcommittee on Tuesday.

The DHS directive on 13 September gave agencies 30 days to identify their use of Kaspersky products and 60 days to develop detailed plans to remove and discontinue present and future use of the products.

A deadline of 90 days was set to implement plans to discontinue the use of Kaspersky software and to remove the same from information systems.

Manfra told the panel that all but six agencies had complied with the first phase of the DHS directive.

She said about 15% of the agencies had reported that Kaspersky products had been found on their systems, though these were not present on a majority of computers.

In many instances, this was not through direct purchase but through bundling with other software on PCs that the agencies in question had purchased.

Manfra was asked about a report in The New York Times on 11 October that claimed Russian Government employees had used Kaspersky's anti-virus software to search for the code names of US intelligence programmes, while Israeli intelligence officials looked on, and whether if this was true, then Kaspersky could be considered to have links to the Kremlin.

She said she could not go by media reports but if the scenario sketched by the NYT was correct, then that would be proof of Kaspersky having government ties.

The chief information officer of NASA, Reneé Wynn, said the agency discovered Kaspersky software on computers of third-party international partners as well as users' bring-your-own devices that were not connected to NASA's internal network.

"Kaspersky Lab software is not part of the agency's enterprise-licensed, core-load anti-virus software," Wynn said, adding that since 2010 NASA was using contracted Symantec anti-virus software.

"The existence of any alternative anti-virus software on agency hardware is considered to be a violation of agency IT standards and will be immediately removed or its usage blocked unless a specific waiver is on file based on a risk assessment performed," she added.

Essye Miller, the deputy chief information officer for cyber security at the Department of Defence, said the department used McAfee and Symantec anti-virus products. "Kaspersky is not part of the DoD solution," she added.

Moves against Kaspersky Lab in the US have gone up dramatically since the presidential elections of 2016, after claims that Russia had interfered to influence things the way of Donald Trump began to gain traction.

In October, reports in three major US newspapers compounded the problems faced by the company. One was the NYT report cited earlier.

A report in The Wall Street Journal on 11 October hinted that Kaspersky Lab could have made available its source code to the Russian Government.

Prior to that, a report in the Washington Post on 10 October claimed that Israeli Government information security professionals had found NSA hacking tools in Kaspersky Lab's system when it gained access to the company's servers in 2014.

Kaspersky Lab has now closed its offices in Washington DC.


Viewing all articles
Browse latest Browse all 4710

Trending Articles