U.S. Policy Toolkit for Kaspersky Labs

In February, the White House attributed “the most destructive and costly cyberattack in history,” a summer 2017 attack affecting critical infrastructure and other victims around the world, to Russian intelligence services. The malicious code used in the attack, known as NotPetya, permanently encrypts the data on the computers that it has infected, essentially destroying them. Ground zero for the malware was Ukraine, but it self-propagated and quickly spread to Asia, Europe and the United States, costing its victims billions of dollars in damage. Russia’s hand in the NotPetya attack ought to send a chill down the spine of anybody who uses products by the Moscow-based antivirus company Kaspersky Labs. Russian law and practice, grants Russian intelligence agencies virtually unfettered authority to compel any internet-facing business in Russia to support their operations.