June 25, 2018 | Press Release
Russian Tech Companies Give Moscow Potential Beachheads to Infiltrate US Military, Private Sector
(Washington, D.C., June 25, 2018) – While Russian anti-virus company Kaspersky Lab has gained the most international attention, other Russian tech companies are capable of giving Moscow potential beachheads to infiltrate the supply chains of the U.S. national security industrial base and establish backdoors into government and private networks, according to a new report issued today by the Foundation for Defense of Democracies (FDD).
FDD Russia expert Boris Zilberman writes in “Kaspersky and Beyond: Understanding Russia’s Approach to Cyber-Enabled Economic Warfare” that U.S. policymakers are right to be concerned that, as Russia reportedly uses criminal hackers as proxies, the Kremlin may be using Russian technology companies to gain access to U.S. government and private networks.
Cyber-enabled economic warfare is a strategy involving attacks against a nation using cyber technology with the intent to weaken its economy and reduce its political and military power.
“Understanding how Moscow perceives and prioritizes its ability to target the U.S. economy at the heart of U.S. power is critical for developing effective policies to deter, thwart and defeat this threat,” said Dr. Samantha Ravich, FDD senior advisor and Principal Investigator of FDD’s cyber-enabled economic warfare (CEEW) project. “This report provides policymakers and the intelligence community with new insights into Russia’s capabilities and urges the intelligence community to evaluate Russian intentions: whether Moscow is expressly supporting tech companies in order to gain access to U.S. networks, how they are operationalizing this support, and what the Kremlin intends to do with this access.”
Russian antivirus company Kaspersky Lab provides “one of the best examples of how technical knowhow, market foresight, and government cooperation can produce not only a global tech giant but also a serious national security threat,” Zilberman writes. While Congress has banned the U.S. government from using Kaspersky’s products, other Russia tech companies, including those that are direct outgrowths of Kaspersky, have not received the scrutiny they deserve.
The U.S. Treasury and Commerce departments possess tools to isolate entities posing a threat to U.S. national security. Zilberman recommends that the Department of Homeland Security create a “watch list of software companies believed to be acting on behalf of, or are being used by, adversarial states in ways that pose a security risk to US entities.” Washington should also create a mutually beneficial consortium with U.S. allies to identify potentially nefarious software and hardware and create an internal red notices and trigger immediate scrutiny.
The report is the first in a series that examines the CEEW strategies of leading adversarial cyber powers.
For media inquiries, contact [email protected] or 202.403.2904.
The Foundation for Defense of Democracies (FDD) is a Washington, DC-based non-partisan policy institute focusing on foreign policy and national security. Visit our website at www.defenddemocracy.org and connect with us on Twitter, Facebook, and YouTube.