Kaspersky is declared a US national security threat

By Morf Morford

Tacoma Daily Index

It’s like a plot line from a low-budget, grainy, black and white Cold War movie thriller; a Russian company works its way into the deepest of the deep inner workings of American culture, economy and security and turns us against ourselves.

Fast forward from those paranoid years, if not decades, of fears of a communist in every closet to a far more likely reality of a Russian virus in every computer.

And television.

And hand-held device.

Except this is no Hollywood-driven, over-wrought Cold War propaganda fantasy – this is a battle taking place on, or behind, a small screen near you.

Oddly enough, federal agencies and contractors have been using a Russian-based cyber security and antivirus company for decades now.

Chess VS. Checkers

There’s an old saying that the Russians play chess while Americans play checkers.

Russians play the long game while we pick up pieces and imagine that with each opposing piece claimed, we are closer to victory.

We congratulate ourselves with each move and barely even notice that we are just clearing the field, preparing the way, for our own compromise.

In the digital age, what could be a better disguise for cyber intrusion, surveillance, and ultimate control, than a company with a speciality in, ahem, computer security?

It’s a classic plot-line, and, if you know your history, one of the oldest strategies of all.

And, one might be inclined to come to the conclusion that anyone taken in by one of the oldest and most obvious attempts at deception deserves to lose everything, but you might not be so encouraged when you find out that the eager victims are most businesses and government agencies – and many of us.

Kaspersky, one of the most prominent cyber security and antivirus companies, is a multinational company with offices in a number of countries, including the US, UK, and Japan – and with the company headquartered in Moscow, Russia.

For lots of obvious reasons – especially since late February of 2022 – the company has come under scrutiny from the US government.

But this has been a long time coming. Way back in 2017, the Federal Bureau of Investigation (FBI) was warning companies and other agencies not to use Kaspersky software, presumably over concerns of Russian government spying.

Less than a month after the FBI’s warnings against using Kaspersky software, almost five years ago, the Department of Homeland Security issued a Binding Operational Directive (BOD) requiring most federal agencies and contractors to remove Kaspersky products from federal information systems.

Besides being an acronym suitable for a 1960’s James Bond film, BOD is intended to safeguard the information and information accessing services of federal agencies.

In March of 2022, the Federal Communications Commission added Kaspersky, along with China Mobile and China Telecom, to a list of communications equipment and services that are deemed to pose an unacceptable risk to US national security.

The list falls under Section 2 of the Secure Networks Act, which was passed in 2019 and “prohibits the use of certain federal funds to obtain communications equipment or services from a company that poses a national security risk to U.S. communications networks.”

The list is maintained by the FCC and was last updated in March of 2021 to include Huawei, ZTE, and three others.

You can see the full list here: https://www.fcc.gov/supplychain/coveredlist.

Are we reaching for a national Darwin Award?

It might seem like a news bulletin from Captain Obvious that we might want to think twice before we invest “federal funds to obtain communications equipment or services from a company that poses a national security risk to U.S. communications networks”, but in an era when anything seems possible, and no one, and no action seems to have boundaries or consequences, such near primal guidelines need to be proscribed – and enforced.

Who would have imagined that Chinese-made devices or Russian-designed software would hold any threat to our digital security, commerce and military systems?

Some things are only obvious in retrospect.

Others are painfully obvious immediately.