Written byChris Bing
Russian President Vladimir Putin voiced his support for a plan to compel Russian companies to purchase and deploy software that is created only by Russian technology firms rather than foreign competitors.
The move comes as the FBI is privately counseling U.S. businesses to uninstall products that are created and sold by Moscow-based cybersecurity giant Kaspersky Lab due to reported privacy and security concerns.
Although Kaspersky’s anti-virus software is not widely used in federal agencies, some companies continue to rely on it for protection against hackers. The FBI has yet to publicly provide evidence to support the accusation that Kaspersky acts as an extension of Russian intelligence services.
Putin told Russian news agency Interfax Sept. 8 that Russian companies looking to secure government contracts should comply with the regulatory directive — which by nature, appears to reward organizations that invest in domestic alternatives if and when they exist.
“In terms of security, there are things that are critically important for the state, for sustaining life in certain sectors and regions,” Interfax news agency quoted Putin as telling a group of Russian technology executives last week. “And if you are going to bring in hardware and software in such quantities, then in certain areas the state will inevitably say to you: ‘You know, we cannot buy that, because somewhere a button will be pressed and here everything will go down.’”
Although many private businesses in Russia continue to use imported software and hardware, the Kremlin has steadily worked to curb the adoption of such technology through legislation and economic incentives. In 2016, for example, a major law was instituted that placed strict restrictions on government agencies’ ability to procure foreign software.
“This is undoubtedly part of a larger theme and not just a backlash against recent U.S. restrictions on Kaspersky,” said Jason Bush, a senior analyst focused on Russia with risk management consultancy the Eurasia Group. “No doubt Putin is trying to find ways to strengthen and expand import restrictions, and there have already been some steps in this direction.”
Putin’s comments were reported by Interfax on the same day that American consumer technology retail chain Best Buy announced that it would discontinue the sale of Kaspersky products in its storefronts. A BestBuy spokesperson told CyberScoop the company would offer replacement software to affected customers and also help uninstall the products where appropriate.
Foreign policy experts say that while the Russian mandate predates the FBI’s ongoing campaign against Kaspersky, the two initiatives similarly underscore a desire by governments to tightly control the adoption of foreign software in certain economic sectors, domestically, because of the perceived threat of exploitable software vulnerabilities and other business concerns.
“The more the U.S. imposes new sanctions or restrictions — including for example against Kaspersky — the more Russia will retaliate with similar restrictions of its own,” Bush said. “Russia’s desire to control or restrict the activities of foreign IT companies reflects the fear that their unrestricted presence could make Russia’s IT infrastructure vulnerable to foreign pressure or disruption.”
The deterioration of U.S.-Russia relations in recent years has caused each nation to closely monitoring the flow of information and products into significant organizations. U.S. intelligence agencies publicly acknowledged in January that the Kremlin had interfered in the 2016 U.S. presidential election by conducting cyber operations and fueling disinformation on social media.
Because power is centralized in Russia among a core group of political leaders and businessmen, the Kremlin is able to apply pressure on local companies differently than the U.S. currently can. In short, this difference in governmental structure allows for varying degrees of influence on private sector decision making.
CyberScoop previously reported that the FBI’s counterintelligence investigation into Kaspersky largely revolved around voluntary briefings in which agents dissuaded the future use of certain products. It’s unclear if or to what degree the U.S. is discouraging the use of other Russian-made software programs beyond Kaspersky.