U.S. Bans All Kaspersky Lab Products From Federal Agencies

Acting Secretary of Homeland Security Elaine Duke determined that continued use of the Moscow-based cyber security vendor's products poses an unacceptable risk to U.S. national security.

Aldrin Brown, Editor-in-Chief

September 19, 2017

3 Min Read
DHS

The U.S. Department of Homeland Security today banned the use of Kaspersky Lab products by the federal government and gave agencies 90 days to strip out the security software from their systems.

Binding Operational Directive (BOD) 17-01 is a dramatic escalation of a months-long campaign by U.S. intelligence officials, which have expressed concern about the Moscow-based security software vendor’s close ties to Russian spy agencies.

A statement from Homeland Security said that Acting Secretary Elaine Duke determined that continued use of Kaspersky products poses an unacceptable risk to U.S. national security.

“Kaspersky anti-virus products and solutions provide broad access to files and elevated privileges on the computers on which the software is installed, which can be exploited by malicious cyber actors to compromise those information systems,” DHS said in a statement.

“The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” the statement continued. “The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.”

DHS has offered Kaspersky Lab – and any other business that might be impacted by the decision – an opportunity to submit additional information that might mitigate the government’s concerns.

In an email to MSPmentor, Kaspersky Lab said it was disappointed by the decision but grateful for the chance to make its case to federal authorities.

“No credible evidence has been presented publicly by anyone or any organization as the accusations are based on false allegations and inaccurate assumptions, including claims about the impact of Russian regulations and policies on the company,” the company’s statement said. “Kaspersky Lab has always acknowledged that it provides appropriate products and services to governments around the world to protect those organizations from cyberthreats, but it does not have unethical ties or affiliations with any government, including Russia.”

Further, the company says U.S. authorities are misinterpreting Russian policies and laws.

“The laws and tools in question are applicable to telecom companies and Internet Service Providers (ISPs), and contrary to the inaccurate reports, Kaspersky Lab is not subject to these laws or other government tools, including Russia’s System of Operative-Investigative Measures (SORM), since the company doesn’t provide communication services,” the Kaspersky statement said. “Also, it’s important to note that the information received by the company, as well as traffic, is protected in accordance with legal requirements and stringent industry standards, including encryption, digital certificates and more.”

The latest business headwinds come a week after the Best Buy retail chain said it would not longer sell Kaspersky Lab products.

The decision also comes at a sensitive time for Kaspersky Lab’s channel push.

In April, the company launched a new partner program for MSPs and VARs, and last month, hired a new North America channel chief.

Eric O’Neill, a former FBI counter-intelligence agent who now works as national security strategist at security software vendor Carbon Black, said that the actions of Russian intelligence are to blame for Kaspersky Lab’s woes.

“Russian Intelligence doesn’t play by any rule book,” he said in an email. “If nothing is sacred to spies, and Russia’s brazen spy tactics continue, I can’t fault the (U.S.) Federal Government for an overabundance of caution.”

“I also hope we are wrong,” O’Neill added. “Kaspersky is great software, but I’d like to know what the U.S. Intelligence community isn’t telling us.”

 

Send tips and news to [email protected].

Read more about:

AgentsMSPsVARs/SIs

About the Author

Aldrin Brown

Editor-in-Chief, Penton

Veteran journalist Aldrin Brown comes to Penton Technology from Empire Digital Strategies, a business-to-business consulting firm that he founded that provides e-commerce, content and social media solutions to businesses, nonprofits and other organizations seeking to create or grow their digital presence.

Previously, Brown served as the Desert Bureau Chief for City News Service in Southern California and Regional Editor for Patch, AOL's network of local news sites. At Patch, he managed a staff of journalists and more than 30 hyper-local and business news and information websites throughout California. In addition to his work in technology and business, Brown was the city editor for The Sun, a daily newspaper based in San Bernardino, CA; the college sports editor at The Tennessean, Nashville, TN; and an investigative reporter at the Orange County Register, Santa Ana, CA.

 

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like