Commentary from Flashpoint and Garrison Technology experts RE: Biden ban on Kaspersky Lab’s antivirus software in the US
June 2024 by Andrew Borene, Executive Director with Flashpoint and Adam Maruyama, Field CTO with Garrison Technology
The Biden administration announced a ban on the sale of Kaspersky Lab’s antivirus software in the United States. Commentary from Andrew Borene, Executive Director with Flashpoint, and Adam Maruyama, Field CTO with Garrison Technology, is below:
“This decision is a logical reflection of the tectonic shifts that are dividing economies along the lines of power competition between allies and the Russia/China/Iran/North Korea digital domain; these divides obviously extend into private sector actors as well. Kaspersky has a history of problems with US, Canadian and other allied governments — banning its use for US security probably is a wise choice in many cases, particularly in the categories of civilian critical infrastructure at state/local/municipal level whether that infrastructure is inherently governmental or privately owned and operated.” – Andrew Borene, Executive Director for Flashpoint.
“The administration’s move to ban Kaspersky Lab products in the United States underscores the stakes of security products gone bad, wherein the privileges that are supposed to be used to protect networks and systems are instead used to subvert security mechanisms, deploy malware, and steal data. But deliberate seeding of such capabilities via a commercially available product is only the tip of the iceberg. In their report on zero-days exploited in the wild in 2023, Google noticed a marked increase in attacks against enterprise security software including detection and response, VPN, and firewall operating systems. Left unchecked, this rise in exploits could provide attackers the same privileged access they would have had if administrators installed compromised software.
As threat actors become more sophisticated and look to privileged services such as security software to gain and maintain persistent access, the cybersecurity community needs to rethink the way we consider security solutions. The cybersecurity community, particularly in the high-threat sectors of government and critical infrastructure, must consider innovative solutions like using fixed-function, deterministic components such as FPGAs rather than malleable software solutions to enforce critical security functions. If we don’t fundamentally rethink the way we approach and enforce security, our most sophisticated adversaries will continue to subvert the software meant to keep us safe – whether it’s by shipping compromised software or attacking and compromising legitimately-developed solutions.” – Adam Maruyama, Field CTO, Garrison Technology