Proposal To Sanction Russian Cybersecurity Firm Over Ukraine Invasion Splits Biden Administration

The Biden administration is divided over whether to impose sanctions on Kaspersky Lab, a Russian cybersecurity giant that officials warn could be used by the Kremlin as a surveillance tool against its customers, The Wall Street Journal reported Thursday, citing people familiar with the matter. From the report: The White House's National Security Council has pressed the Treasury Department to ready the sanctions as part of the broad Western campaign to punish Russia for its invasion of Ukraine, according to officials familiar with the matter. While Treasury officials have been working to prepare the package, sanctions experts within the department have raised concerns over the size and scope of such a move. The company's software is used by hundreds of millions of customers across the world, making it difficult to enforce the sanctions. In addition, some officials in the U.S. and Europe fear sanctioning Kaspersky Lab will increase the likelihood of triggering a cyberattack against the West by Moscow, even potentially leveraging the software itself. It wasn't clear whether the sanctions would go forward, and one official said the idea had been put on hold for now. The debate reflects how agencies within the Biden administration are weighing in real time options to deliver more economic pain to the Russian economy in response to its invasion of Ukraine.

Untrustworthy Snake Oil

[Stephan Schulz]

That's the situation you get when you run untrustworthy closed-source snake oil with the highest possible privileges on your computer. If you don't control your computer, someone else does. Or in most cases, several others, at will.

Re:

[sizzlinkitty]

If I had mod points, you earned them with this comment.

Is there any trustworthy AV software?

[AmiMoJo]

Is there any AV software that isn't vulnerable to interference by government, doesn't screw the customer like Acura/Norton/McAfee, and actually works reasonably well?

Re:

[tlhIngan]

Is there any AV software that isn't vulnerable to interference by government, doesn't screw the customer like Acura/Norton/McAfee, and actually works reasonably well?

Alas, not really.

The problem Kaspersky has is they are operating under an authoritarian government that can dictate they do something, and they're forced to do so because of dire consequences.

Whereas Norton/etc work under a more democratic government and thus have a few freedoms as well. There have been cases where government interference was o

Re:

[Anonymous Coward]

What happens if the CIA/NSA send Norton a National Security Letter and they refuse it?

McAfee didn't kill himself.

Re:

[AxeTheMax]

Agreed, the US has not invaded the Ukraine. But it has invaded more than any other country in modern history, including at least one recent one (Iraq) on a made up basis. Yes, lots of refs, e.g. https://www.indy100.com/news/u... [indy100.com]

Re:

[kiviQr]

How about Microsoft's Defender for Endpoint? At least if government wants access they probably already have thru Windows so you have only one vendor-vector of attack.

Re:

[phantomfive]

At this point, I don't think there is any reason to use antivirus other than Microsoft Defender.

At its best, antivirus doesn't work very well.

Re:

[taustin]

It's the only one I've ever used that wasn't bloated pigware that slows down the system to the point of not being usable.

And generally, some someone does independent testing of various AV software, it's not #1, but it's always in the top 5.

Re:

[Joce640k]

At this point, I don't think there is any reason to use antivirus other than Microsoft Defender.

+5

Can't Biden start a propaganda war in the USA to get everybody to uninstall it? It's mostly bloated scareware these days anyway.

Re:

[gweihir]

Sure. But MS is even less trustworthy than AV vendors. MS openly spies on its users these days. AV vendors at least think it may be bad for their business if they do that and then are found out.

Re:

[FuegoFuerte]

Adding Defender to what's already shipped with Windows doesn't make this any worse, and it at least doesn't suck every last drop of performance out of the system. Most AV software is worse than what it allegedly protects against.

Re:

[gweihir]

Sure. I am just commenting on the attack-surface. Defender seems to be reasonable these days. No need to spend money for an additional attack-vector into your system. Just do not put stuff you really want protected on a Windows-system in the first place. It cannot be trusted.

Re:

[FuegoFuerte]

Well, to be fair I haven't gone intentionally testing them. I do know that Defender (and the FEP it's based on) don't suck. I also know that everything that has come pre-installed on any system I've gotten in the past 10 years has been awful and quickly uninstalled because it sucked so badly. I also know that the various endpoint protection products IT has pushed to my corp laptop over the past 8 years have all been absolutely terrible as well (worst among them is Crowdstrike).

So maybe there are some oth

Re:

[AmiMoJo]

Given that Defender is practically impossible to disable now, you kind of have to trust it.

Re:

[Local ID10T]

Kaspersky have shown themselves to be "good guys" over the many years they have been in business. Twenty years ago, their product was worth using... but I'm not convinced we need it now.

The accusation that they could (perhaps at literal gunpoint) be forced to push out a malicious update is _plausible_ but unlikely.

They are a Russian corporation, and should not be immune to general sanctions targeted at the Russian economy. I do not see any reason to target them specifically, however; as they are not known

Re:

[AmiMoJo]

I see that Kaspersky still offers their live CD distro. That might be the best way to use it. Boot it, update the virus databases, remove the network cable and then mount the drives to be scanned. I suppose it could still inject malware onto your drives.

The other advantage of that is that the Linux NTFS driver can't be screwed with to hide the virus from the OS. Back in the XP days that was a common way that viruses hid from anti-virus software.

Re:

[gweihir]

By its very operating principle, all system-integrated AV software is "trusted", i.e. can easily attack you. Updates routinely not only contain signatures but also code. An exception are file-scanners on the web, for example Virustotal (https://www.virustotal.com/). But this is restricted to files and means you have to potentially expose your files to a 3rd party (Google).

Hence, no AV software is safe from government interference unless your government is limited by law and courts to not be able to do this

Current sanctions against Russia are stupid

[SuperKendall]

The sanctions we have today against Russia are stupid, primarily because we aren't actually sanctioning the main sources of revenue (gas and oil) or Russia can find enough buyers willing to go against sanctions the sanctions are not having any effect. Because too many people need that gas and oil, there is effectively no way to have sanctions that include them.

However, although they are not having any effect on stopping the war - they are having plenty of effect on destroying the lives of innocent people t

Re:

[Kernel Kurtz]

And the longer the sanctions go, the more the people in Russia that supported the west will turn against us.

They are getting off incredibly easy not having their homes bombed to rubble like the Ukrainians. They can keep their new USSR level economy for life even if they are too dumb to know why.

Re:

[phantomfive]

If I have to pay more at the pump because of Ukraine, then I think it's not unfair to ask the Russian citizens to take some economic pain as well. It is their country invading another, after all.

Re:

[Kernel Kurtz]

If I have to pay more at the pump because of Ukraine, then I think it's not unfair to ask the Russian citizens to take some economic pain as well. It is their country invading another, after all.

Absolutely. It is sad their government keeps the Russian people in the dark, but if not for the sanctions most of them would be completely clueless that anything out of the ordinary is happening at all. There is no reason at all to keep them immune from reality.

Re:

[Powercntrl]

If I have to pay more at the pump because of Ukraine

I know this has been the meme lately, but it's not correct. Oil prices are up because OPEC cut production due to reduced demand during Covid-19 lockdowns [nytimes.com]. Now that the economies of the world are reopening they're all about that sweet, sweet profit, rather than increasing production.

It might be nice to think that you're filling up your tank with freedom for those extra bucks, but it's still just plain old fashioned oil industry greed.

Re:

[Kernel Kurtz]

Why does it help to make an entire popiautino suffer IN ADDITIION to the Ukranians?

Because it is a war. You seem unclear on the concept.

Re:

[Calinous]

The war is not fought by Putin. It is fought by the Russian army, which is made of Russians.
As for starving, Russia is one of the largest exporters of grain. They will not starve (even though they might no longer have access to champagne with their bread).

Re:

[aaarrrgggh]

You are missing time horizon. Weapons help in the short term, sanctions in the long-term. We are in the odd middle-ground right now, so you need pressure everywhere you can get it.

As for Kaspersky, a sanction is the wrong tool, but repeating security warnings is a good start.

Long term effects even worse

[SuperKendall]

Weapons help in the short term, sanctions in the long-term.

In what way will sanctions help in the long term? Russia is setting up to keep selling oil and gas for a currency they can use anywhere, which is a very long term answer to the sanctions we have imposed.

Long term Russia is actually better off than most western country, because Russia is rich with commodities that people need, and will pay for, and Russia has very little debt compared to most western governments.

Long term what the sanctions have don

Long term it's all the same

[SuperKendall]

Long term, people will realize: hey we had McDonalds and Starbucks before, why can't we have them now?

Even short term, they still have them [nypost.com]. :-)

Going to Uncle Vanyas instead of McDonalds is not the recipe for fostering regime change (which the U.S. should stop trying to do anyway).

Re:

[phantomfive]

The sanctions are having a lot of effect. Look at all the billionaire yachts that have been taken.

Re:

[taustin]

When the billionaire oligarchs get tired of the sanctions (and they eventually will), Putin will mysteriously disappear, never to be seen again. That is the real target of the sanctions.

You are too used to the West

[SuperKendall]

When the billionaire oligarchs get tired of the sanctions (and they eventually will), Putin will mysteriously disappear, never to be seen again.

If this were any western nation I would agree. But this is Russia, and that is simply not how Russia works.

In Russia the Ogligacrhs are rich, but have zero power, and basically exist at the whim of Putin.

Not to mention, they all have the bulk of their wealth still held in Russia, and have the kind of money where losing a mega yacht is kind of like dropping an ice-c

Re:

[djinn6]

Putin will mysteriously disappear, never to be seen again. That is the real target of the sanctions.

Yep, just like how Kim Il-sung, Fidel Castro, Saddam Hussein and Mao Zedong all mysteriously disappeared after sanctions were imposed on their respective countries. Oh wait...

Re:

[Local ID10T]

However, although they are not having any effect on stopping the war - they are having plenty of effect on destroying the lives of innocent people that live in Russia who want nothing to do with the war in Ukraine but have no say.

If you are suffering under the effects of the sanctions, then they are working as intended. If you want them to end, your government needs to end the war on Ukraine. It is up to you to control your government. Claiming you have no say is an abdication of your responsibility.

Re:

[SuperKendall]

If you are suffering under the effects of the sanctions, then they are working as intended.

Is it moral at all to make people suffer who have absolutely no ability to change what you want to stop? The people of Russia have absolutely NO WAY, even en masse, to effect change in Russia. So we are making them suffer for absolutely no reason. I guess I'm the only person that has a problem with making innocent people suffer just because they happen to live in Russia?

I want the war to end in Ukraine as much as a

Re:

[Local ID10T]

The people of Russia have absolutely NO WAY, even en masse, to effect change in Russia.

Bullshit.

Re:

[drinkypoo]

Russians don't get to complain about morality of sanctions while their military is in Ukraine.

Re:

[Local ID10T]

The answer is either that the people of Russia have no ability to effect change, or that the sanctions are having exactly the opposite effect intended - to have people push Putin out of power.

The Russian people have changed not only the direction of their government, but their entire system of governance multiple times, both violently and peacefully, in the past few hundred years -it can be changed again.

If you want the sanctions to end, make a change.

Re:

[aRTeeNLCH]

No individual common Russian is to blame. But collective, in a way, they are. Just like all democrats were still to blame for your last republican president's actions. If it's only economic, I don't mind if they get to feel it to the point of great discomfort and beyond. Before you call me heartless and unreasonable, think of Mariupol and the almost daily lies of letting people out, then shooting at them.

Kaspersky tax revenue murders Ukrainians

[couchslug]

Let's not pretend even an otherwise immaculate Kaspersky is not a major Russian war asset providing foreign exchange and tax money to Putin's war machine.

Kaspersky is trying really hard ...

[RitchCraft]

... to win the hearts and minds of people. I just watched the dumbest movie ever ... Moonfall. Something I noticed however is that Kaspersky had a BIG outdoor sign in one of the scenes of a devastated city and Kaspersky software was on the space shuttle systems! LOL. Kaspersky software protecting Space Shuttle systems. Big bold letters too. Too freakin' funny. I wonder how much Kaspersky paid to have their product placement in such a ridiculous place? Given the stupidity of the movie it fit right in I guess

Sad but true

[michaelni]

When i heard about the first attacks against ISPs. One of the first things i did was check that i had no Russian controlled software installed on any of my machines. It sadens me a bit but things like kaspersky simply pose a security risk. That has nothing to do with sanctions, its just too easy for an oppressive government to force companies under its control to do things which are not in its or its customers interest. This idiotic war causes even more damage than one might initially have assumed.

Trust Kaspersky

[Canberra1]

Trust Kaspersky, based on previous performance. In the past they have been first to catch many, first to deconstruct nasty ones, teaching budding CERT experts, and first to provide (free) effective removal tools. And shut down botnets. Think for a moment - their whole business model relies on trust and efficiency. Oh, they have been unfairly slandered, but never, nothing bad shown - only the reverse. One exception - if you live in a conflict country. OTOH Pegasus spyware, and derivatives are used widely - a

Re:

[cmseagle]

Trust Kaspersky, based on previous performance.

How has Kaspersky performed previously when their staff and their families are threatened with imprisonment, physical harm, a little novichok in the underpants, etc. by the Russian government?

I think that the only reasonable answer here is "we don't know." It's possible that there's never been any such attempted coercion. It's possible that there has been attempted coercion, and Kaspersky managed to stand up to it. What we do know is that such thuggery is all too plausible given recent events, so I'm per

Re:

[Canberra1]

Reputational Damage, and risk assessment is the key. Even is USA the govt can rubber hose people and telcos with a secret orders, including tapping senators and journalists - apparently the constitution is watered down. Presently very skilled US people have poured over Kaspersky with a fine toothcomb looking for any excuse. Evidence based fact checking says nothing, ever. They also poured over Huawei, and found nothing to support libelous accusations . Maybe they did for a custom exchange product for one cu

Re:

[michaelni]

I trust Kaspersky, the problem is not Kaspersky. The problem is that Kaspersky is under full control of a government hostile to the "democratic" world. Your government can ask for your private keys and it can prevent you from telling anyone. The real question is do i trust Kaspersky would choose torture and prison to prevent their government to use them in an exploit?

Why is anyone divided?

[MonkeyProgrammer]

How can anyone be sitting on the fence anymore?

Just look at what the Russians are doing in Ukraine. It is pure evil.

There is no grey area.

Either you worship the devil or you reject it.

Make your choice!