Senators want answers on State Department’s glaring cybersecurity gaps

The State Department must do more to shore up its cybersecurity posture, according to a bipartisan group of senators. The department is woefully behind on hitting various federal cybersecurity benchmarks, and it is weak on basic measures to protect against phishing, hacks and other cyberattacks, wrote Ron Wyden, D-Ore., Cory Gardner, R-Colo., Ed Markey, D-Mass., Rand Paul, R-Ky., and Jeanne Shaheen, D-N.H., in a letter to Secretary Mike Pompeo. The letter cites two recent reports: The department’s inspector general found last year that 33 percent of diplomatic missions failed to conduct even the most basic cyberthreat management practices, like regular reviews and audits. Also, the General Services Administration found that the department has only instituted enhanced access controls on 11 percent of agency devices. The Federal Cybersecurity Enhancement Act requires agencies to enable multi-factor authentication (MFA) for elevated privileged accounts. “We urge you to improve compliance by enabling more secure authentication mechanisms across […]

The post Senators want answers on State Department’s glaring cybersecurity gaps appeared first on Cyberscoop.

Top U.S. counterintelligence official: Kaspersky’s move to Switzerland doesn’t matter

The ongoing fight between the U.S. government and Moscow-based Kaspersky Lab led the company to begin moving “a good part” of its infrastructure to Switzerland in a highly visible move toward transparency in the face of spying accusations. The U.S.’s top counterintelligence official, however, says Kaspersky’s move to Switzerland makes no difference to him. William Evanina, the Director of the National Counterintelligence and Security Center, looks at the way the U.S. government handles Kaspersky — which is now banned from the U.S. federal government and is losing ground in the private sector — as “an opportunity to create a model,” he said. “This will not be the last time this happens. I think there will be more to come along, I call them ‘nation-state threats that emanate through the global business process.’ ” Kaspersky’s opening of a “Transparency Center” in Switzerland is significant but leaves open a wide range of questions. The company has […]

The post Top U.S. counterintelligence official: Kaspersky’s move to Switzerland doesn’t matter appeared first on Cyberscoop.

U.S. government weighing sanctions against Kaspersky Lab

The U.S. government is considering sanctions against Russian cybersecurity company Kaspersky Lab as part of a wider round of action carried out against the Russian government, according to U.S. intelligence officials familiar with the matter. The sanctions would be a considerable expansion and escalation of the U.S. government’s actions against the company. Kaspersky, which has two ongoing lawsuits against the U.S. government, has been called “an unacceptable threat to national security” by numerous U.S. officials and lawmakers. Officials told CyberScoop any additional action against Kaspersky would occur at the conclusion of the lawsuits, which Kaspersky filed in response to a stipulation in the 2018 National Defense Authorization Act that bans its products from federal government networks. If the sanctions came to fruition, the company would be barred from operating in the U.S. and potentially even U.S. allies. Sen. Jeanne Shaheen, D-N.H., authored legislation to ban Kaspersky, which was eventually introduced into the NDAA. In […]

The post U.S. government weighing sanctions against Kaspersky Lab appeared first on Cyberscoop.

Report: Russian hackers stole NSA data with help from Kaspersky products

Russian state-backed hackers stole tools used by the National Security Agency from a contractor’s personal computer after he placed them there, the Wall Street Journal reports. The theft, which took place in 2015 and was discovered in 2016, was reportedly enabled after the hackers identified code using Kaspersky Lab antivirus software. The Moscow-based cybersecurity firm has been under intense scrutiny of late, including a Department of Homeland Security order banning the company’s products from being used on most federal government machines. In the lead-up to the story’s publication on Wednesday, CEO Eugene Kaspersky took to Twitter to call the upcoming report a “conspiracy theory” and criticized it for relying on “anonymous sources.” “Note we make no apologies for being aggressive in the battle against cyberthreats,” he tweeted. A Kaspersky spokesperson told CyberScoop that the company “has not been provided any evidence substantiating the company’s involvement in […]

The post Report: Russian hackers stole NSA data with help from Kaspersky products appeared first on Cyberscoop.

Pentagon’s looming Kaspersky ban viewed as ‘purely political’

The Department of Defense may ban products from Moscow-based cybersecurity company Kaspersky, yet experts would be surprised if it changes much from an operational standpoint. The ban is receiving criticism from security professionals, who said the move signifies little more than political posturing. “I’d like to call this out as what it is: a purely political move,” Jake Williams, founder of Rendition Infosec, told CyberScoop. “This doesn’t need to be in the [Pentagon budget]. If intelligence indicates that Kaspersky is in cahoots with the Russian government, [the Department of Defense] could (and should) ban the use of Kaspersky products by policy.” Eugene Kaspersky, the firm’s CEO and co-founder, offered again on Friday to let the U.S. government audit the company’s source code to prove “we’ve got nothing to hide.” “We want the government, our users and the public to fully understand that having Russian roots does not make us guilty,” he wrote in […]

The post Pentagon’s looming Kaspersky ban viewed as ‘purely political’ appeared first on Cyberscoop.
