Technology

U.S. utility EPB will replace Kaspersky software after customer concerns

The small power and telecom company based in Tennessee becomes the first utility company the U.S. to announce its moved on from Kaspersky products.

By Patrick Howell O'Neill

November 6, 2017

EPB becomes the first power company to publicly announce its moving on from Kaspersky products. (Photo courtesy of EPB Power)

EPB, a publicly owned U.S. power and telecommunications company, is replacing Kaspersky anti-virus as the security software it provides customers because of suspicions from customers and U.S. government officials that the Moscow-based company’s connections to the Russian government pose a security risk.

Based in Chattanooga, Tennessee, EPB follows American retail giants like Best Buy and Staples that have removed Kaspersky from their shelves. It’s the first American power company to publicly remove Kaspersky, but FBI briefings around the industry have resulted in utilities — including at least one nuclear power company — privately nixing business deals with the Russian firm, according to one U.S. intelligence official.

The FBI has been briefing private sector firms on Kaspersky and pushing American companies to cut ties for some time.

“What we started doing since the spring [of 2017] is basically evaluate other options,” John Pless, an EPB spokesman, told CyberScoop. The company is currently looking at McAfee’s anti-virus as a free security software option for EPB customers. A deal has not yet been closed.

Pless pointed out that that Kaspersky was initially chosen because it is widely considered to offer some of the best security software in the industry. EPB also says they are assisting customers in uninstalling Kaspersky software whenever it is requested.

In September, the Department of Homeland Security issued a directive mandating civilian federal agencies remove Kaspersky software from all machines and networks. The Pentagon followed in October with a similar directive. Kaspersky was blocked earlier this year from joining the Cyber Threat Alliance, an U.S.-based group of tech firms who share threat intelligence led by former White House cybersecurity coordinator Michael Daniel.

Kaspersky has long denied inappropriate collaboration with Russian intelligence services. No evidence of wrongdoing by Kaspersky has been publicly presented by U.S. officials.

“The company doesn’t have inappropriate ties with any government, which is why no credible evidence has been presented publicly by anyone or any organization to back up the false allegations made against Kaspersky Lab,” the company told CyberScoop earlier this year.

“The only conclusion seems to be that Kaspersky Lab, a private company, is caught in the middle of a geopolitical fight, and it’s being treated unfairly, even though the company has never helped, nor will help, any government in the world with its cyber-espionage or offensive cyber efforts.”

EPB serves approximately 170,000 customers through its power offerings and more than 91,000 through its fiber optics telecommunication services.