Government’s Kaspersky Use Still a Mystery, Even After Ban

Congress and Homeland Security are still grappling with the extent of the Russian cybersecurity firm’s presence on federal systems.

AP Photo/Raphael Satter
Sept. 18, 2017, 8 p.m.

Despite the blanket ban issued last week on the U.S. government’s use of products from Russian cybersecurity firm Kaspersky Labs, there’s still broad uncertainty over how widespread the use of the potentially compromised software is on federal networks.

That’s not true for all agencies, some of which were able to provide an accounting of Kaspersky’s presence on their systems. The Transportation Department and the Environmental Protection Agency, for example, were both able to confirm that Kaspersky software was not deployed on their networks. A State Department spokesman told National Journal that the agency entered into three contracts for Kaspersky antivirus software since fiscal 2012, which together totaled less than $9,000. The spokesman added there were no confirmed instances of Kaspersky software loaded onto the State Department’s OpenNet enterprise network, which links together the department’s various computer systems around the globe.

But other agencies are a virtual black hole when it comes to Kaspersky, a popular Moscow-based company suspected of threatening U.S. network security through its alleged close ties with Russian intelligence agencies. Citing “operational security,” a Defense Department spokeswoman said the Pentagon could not answer questions regarding its use of Kaspersky products or services. The Treasury Department did not respond to a request for comment, and the Department of Justice declined to comment (though evidence from a federal website that tracks government spending indicates that over the past two years, the Justice Department has entered into several contracts with Kaspersky worth hundreds of thousands of dollars in total).

Even the agency spearheading the Kaspersky ban seems unclear about the Russian firm’s presence on its own networks. In last Wednesday’s government-wide order, the Homeland Security Department laid out a plan for each agency to identify any Kaspersky Labs products on its networks over the next 30 days. But when asked if Homeland Security had spent money on Kaspersky in the last five years, or if any sub-agencies were currently operating Kaspersky products, a DHS official told National Journal that the department “will follow its own guidance and complete the process required to identify the use of these products. If any are found, DHS will develop a plan as directed.”

The ongoing uncertainty is not for want of asking. Lawmakers have been seeking answers on the use of Kaspersky by federal agencies since at least May, after top U.S. intelligence officials told the Senate Intelligence Committee they would be uncomfortable using the firm’s software on their networks. Later that month, then-Homeland Security Secretary John Kelly admitted his department was likely running Kaspersky on some of its systems, prompting Democratic Sen. Joe Manchin to demand a complete report on the Russian company’s presence at Homeland Security. In late July, Rep. Lamar Smith, the chairman of the House Science, Space, and Technology Committee, put in a similar request to each of the Cabinet-level agencies.

But a Smith spokeswoman says the chairman has so far only received responses from some federal agencies (she didn’t say which). Manchin’s office did not respond to repeated requests asking whether the senator has received the promised Homeland Security report. And a DHS spokesman confirmed that despite the ban, the department does not yet have information on the full extent of Kaspersky use across the federal government.

David O’Brien, a senior researcher at Harvard University’s Berkman Klein Center for Internet and Society, believes most federal agencies won’t have a complete record of their use of Kaspersky products for some time. “I look a little bit skeptically at having hard and fast numbers in a 30-day period, or within a couple of months,” he said, adding that most federal networks are sprawling, byzantine entities that will take some time to comb through thoroughly. He also noted that old procurement documents will paint only a partial picture, since agencies are likely to have purchased hardware containing pre-installed Kaspersky products or contracted with third-party vendors who still use Kaspersky. Just from knowing how disorganized government IT can be, my guess is it’s going to take much longer than they think,” he said.

But there are still steps agencies can take to prevent unwanted espionage while they work to find and remove Kaspersky products. “Just because the software is on the system doesn’t mean that the risks that it poses can’t be mitigated in some other way,” O’Brien said. Agencies will need to monitor network traffic in real time, and perhaps add additional layers to their cybersecurity systems, while they expunge Kaspersky from their networks, he said.

In the meantime, Congress plans to continue pressuring federal agencies on Kaspersky. A provision in the National Defense Authorization Act is set to codify the Kaspersky ban into federal law. And Jeanette Manfra, the acting DHS deputy undersecretary of cybersecurity and communications, is slated to testify before the House Science Committee on Sept. 27. A committee spokeswoman said one key question at the hearing will be the extent to which the federal government uses Kaspersky products.

Eugene Kaspersky, the Russian-born founder of Kaspersky Labs, is also set to testify before the House committee on Sept. 27. Kaspersky has vehemently denied any untoward connection between his firm and the Kremlin, instead blaming rising international tensions and Russophobia for the crackdown against his company.

What We're Following See More »
SHE NEEDS HALF OF THE TORIES TO VOTE FOR HER
Theresa May Faces Vote of Confidence
1 hours ago
THE LATEST
HEADS TO HOUSE FOR FINAL PASSAGE
Senate Passes Farm Bill, 87-13
15 hours ago
THE LATEST
SAYS MCCONNELL
Senate To Take Up Criminal Justice
22 hours ago
WHY WE CARE

"Senate Majority Leader Mitch McConnell said that the Senate will take up criminal justice reform legislation as soon as this week, marking a win for President Donald Trump and a remarkable turnaround for the bill. The latest version of the measure could be released as soon as Tuesday, according to two sources familiar with the matter, and is likely to win over more Republican support on a plan that had sharply divided the GOP."

Source:
SAYS THEY'RE BLACKMAILING HIM
Jerome Corsi Sues Mueller, Agencies for $350M
2 days ago
THE LATEST

"The conservative writer and conspiracy theorist Jerome Corsi filed a lawsuit on Sunday accusing special counsel Robert Mueller of blackmailing him to lie about President Donald Trump in the investigation of Russian interference in the 2016 election. The suit, which seeks $350 million in actual and punitive damages in U.S. District Court in Washington, was filed six days after Corsi entered a formal complaint with the Justice Department alleging prosecutorial misconduct by Mueller." Corsi alleges that Mueller illegally leaked information from the grand jury, and that Mueller's team "threatened him with prison unless he agreed to testify falsely that he served as a liaison between WikiLeaks founder Julian Assange and the Republican political strategist Roger Stone."

Source:
BOTH SIDES' POSITIONS HAVE HARDENED OVER BORDER
Trump Meeting with Schumer, Pelosi on Tuesday
2 days ago
THE LATEST

"A year-end spending deal to fund one-quarter of the federal government rests on a critical meeting this week between President Trump and two top Democrats. Senate Minority Leader Chuck Schumer, D-N.Y., and House Minority Leader Nancy Pelosi, D-Calif., will meet with Trump Tuesday morning to talk about what agreement the two sides can reach, if any, when it comes to funding for a southern border wall."

Source:
×
×

Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.

Login