WASHINGTON – A U.S. House of Representatives committee said on Friday that it has scheduled a new hearing on Kaspersky Lab software as lawmakers review accusations that the firm’s software could be used to conduct espionage on behalf of the Kremlin.
Kaspersky Lab has strongly denied those allegations and offered to send Chief Executive Eugene Kaspersky to Washington to testify before Congress.
The House Committee on Science, Space and Technology announced the hearing a day after The Wall Street Journal and Washington Post reported that Russian government-backed hackers had stolen highly classified U.S. cyber secrets in 2015 from the National Security Agency after a contractor put information on his home computer, two newspapers reported on Thursday.
The theft included information on penetrating foreign computer networks and protecting against cyberattacks.
It is likely to be viewed as one of the most significant security breaches to date.
The employee had worked at the NSA’s Tailored Access Operations unit for elite hackers before he was fired in 2015.
If confirmed, the hack would be the latest in a series of breaches of classified data from the secretive intelligence agency, including the 2013 leaks of data on classified U.S. surveillance programs by contractor Edward Snowden.
Another contractor, Harold Martin, is awaiting trial on charges that he took classified NSA material home.
Tensions are already high in Washington over U.S. allegations of a surge in hacking of American targets by Russians, including the targeting of state election agencies and the hacking of Democratic Party computers in a bid to sway the outcome of the 2016 presidential election in favor of Republican Donald Trump.
Both the Journal and the Post reported that the contractor used antivirus software from Moscow-based Kaspersky Lab, the company whose products were banned from U.S. government networks last month because of suspicions they help the Kremlin conduct espionage.
Russian government officials could have used flaws in Kaspersky software to hack into the machine in question, security experts said. They could also have intercepted traffic from the machine to Kaspersky computers.
The Department of Homeland Security on Sept. 13 banned Kaspersky products in federal networks, and the U.S. Senate approved a bill to ban them from use by the federal government, citing concerns the company may be a pawn of the Kremlin and poses a national security risk.