The US Department of Homeland Security (DHS) has taken the unusual step of banning the use of all products and services from Russian AV vendor Kaspersky Lab within federal government agencies, citing fears over alleged ties the company has with the Russian state.
Acting secretary of homeland security, Elaine Duke, issued a Binding Operational Directive (BOD) on Wednesday which mandates that all civilian agencies identify and remove all Kaspersky Lab products within 90 days.
It claimed the action was based on assessment of “information security risks” posed by the vendor, stating that its products – like all AV – have “broad access to files and elevated privileges” which hackers could exploit to compromise government computers.
It added:
“The department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks. The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security.”
It is thought that at least six US government agencies use Kaspersky Lab software.
The move comes amid a growing paranoia in Washington about the Putin administration’s apparent attempts to undermine the democratic process in various nations, including interference in its own presidential election last year.
In a statement, Kaspersky Lab claimed it was disappointed by the decision, but that it would be taking advantage of the opportunity provided by the DHS to submit a written response to mitigate the department’s concerns.
It added:
“No credible evidence has been presented publicly by anyone or any organization as the accusations are based on false allegations and inaccurate assumptions, including the claims about Russian regulations and policies impacting the company.
“In addition, more than 85 percent of its revenue comes from outside of Russia, which further demonstrates that working inappropriately with any government would be detrimental to the company’s bottom line. These ongoing accusations also ignore the fact that Kaspersky Lab has a 20-year history in the IT security industry of always abiding by the highest ethical business practices and trustworthy technology development.”
It concluded that the firm has been branded “guilty until proven innocent due to geopolitical issues.” Founder Eugene Kaspersky expanded on these comments in a blog post this week.
Eric O'Neill, Carbon Black national security strategist and former FBI counter-terrorism operative, argued that the Russian government’s increasingly aggressive moves in cyberspace were to blame for the decision.
“While the directive may appear extreme, the Russian government has waged a silent war against the United States for years, most recently in attempting to influence our 2016 election. As traditional spies have evolved into hackers and spy agencies have focused on cyber-penetrations, Russian intelligence has led the charge,” he added.
“Russian intelligence doesn't play by any rule book. If nothing is sacred to spies, and Russia's brazen spy tactics continue, I can't fault the federal government for an overabundance of caution. I also hope we are wrong.”