Kaspersky Detection

Expanse Identifies Continued Presence of Russian Software in Government and Private Sector

Expanse Inc

By Expanse Inc, 08.19.2019

SAN FRANCISCO, August 19, 2019 – Expanse, the leader in helping IT operations and security teams discover, manage, and secure all their global internet assets, today announced that as part of its continuous monitoring and discovery platform it has found software from Russian-based Kaspersky Labs present on multiple U.S. government networks and the networks of government contractors. In addition, Expanse has detected Kaspersky software within a number of Fortune 500 companies, including 19 financial services companies and 17 healthcare businesses.

The use of Kaspersky Labs’ cybersecurity and anti-virus software was banned by the U.S. government in 2017 for all government agencies and contractors. It was considered a national security risk due to concerns that the company had ties with the Russian government. As a result, federal agencies were given 90 days to start to remove the anti-virus software. Further, government contractors were prohibited from using Kaspersky in any work with U.S. agencies by October 2018. But, as disclosed by Expanse, Kaspersky software is still present on dozens of systems today, counter to the mandate.

“Clearly the Kaspersky problem is not going away,” said Tim Junio, CEO, and Co-Founder of Expanse. “This is a real issue, exacerbated by the size and complexity of large government agencies and Fortune 500 companies. Most organizations don’t have a planned solution or diagnostic approach to identify access points and vulnerabilities. Or worse, they think they do, but don’t. Understanding your network is a requirement if you want to secure it, and that’s what we set out to solve when we founded Expanse.”

Expanse products help customers detect unauthorized software and hardware across various vendors and types of products. Expanse has no private information or company opinion regarding the risks associated with Kaspersky products and is acting as a policy implementation arm regarding customer network configurations. The continued presence of Kaspersky software could be explained by employees bringing in Kaspersky software for use on government and company networks or from suppliers of hardware where Kaspersky is embedded into third-party products unbeknownst to the purchaser. Learn more now about Expanse solutions for Kaspersky detection.

Expanse’s Behavior continuously analyzes network traffic coming from the networks of customers for a variety of risks, including communications with servers controlled by Kaspersky Labs. The data used to produce this report was scoped to only include observations collected in the last two weeks of July 2019 to demonstrate that there remains a current, wide, and persistent use of Kaspersky software across the global networks belonging to the U.S. government, government contractors, and Fortune 500 organizations. The number of U.S. government and government contractor organizations that Expanse has observed communicating with servers controlled by Kaspersky since the October 2018 ban is substantially larger than the numbers cited here.

Expanse closed a $70 million Series C round led by TPG Growth, with return investments from NEA, IVP and Founders Fund, and MSD Capital. The company serves a deep, lucrative foundation of elite international customers across government, Fortune 500 companies, and internet service providers (ISPs).