Exclusive: U.S. warned firms about Russia's Kaspersky software day after invasion

The risk calculation has changed with the Ukraine conflict

The U.S. government began privately warning some American companies the day after Russia invaded Ukraine that Moscow could manipulate software designed by Russian cybersecurity company Kaspersky to cause harm, according to a senior U.S. official and two people familiar with the matter.

The classified briefings are part of Washington's broader strategy to prepare providers of critical infrastructure such as water, telecoms and energy for potential Russian intrusions, Qazet.az reports.

President Joe Biden said last week that sanctions imposed on Russia for its Feb. 24 attack on Ukraine could result in a backlash, including cyber disruptions, but the White House did not offer specifics.

"The risk calculation has changed with the Ukraine conflict," said the senior U.S. official about Kaspersky's software. "It has increased."

Kaspersky, one of the cybersecurity industry's most popular anti-virus software makers, is headquartered in Moscow and was founded by a former Russian intelligence officer, Eugene Kaspersky.

A Kaspersky spokeswoman said in a statement that the briefings about purported risks of Kaspersky software would be "further damaging" to Kaspersky’s reputation "without giving the company the opportunity to respond directly to such concerns" and that it "is not appropriate or just."

The senior U.S. official said Kaspersky's Russia-based staff could be coerced into providing or helping establish remote access into their customers' computers by Russian law enforcement or intelligence agencies.

Kaspersky, which has an office in the United States, lists partnerships with Microsoft, Intel and IBM on its website. Microsoft declined to comment. Intel and IBM did not respond to requests for comment.

On March 25, the Federal Communications Commission added Kaspersky to its list of communications equipment and service providers deemed threats to U.S. national security