Citing Russian Ties, Homeland Security Boots Kaspersky Software From Government Agencies

The Trump administration on Wednesday told U.S. government agencies to remove Kaspersky Lab products from their information systems, saying it was concerned the Moscow-based cyber security firm was vulnerable to Kremlin influence.

The Department of Homeland Security issued the order on September 13 following growing criticism in Congress and elsewhere about the Moscow-based company's software products, which are widely used in the United States and elsewhere.

Meanwhile, unnamed sources told Russian news agency The Bell, that Kaspersky's Washington, D.C., branch, Kaspersky Government Security Solutions Inc, is considering closing its offices there because the USA government has prohibited affiliation.

One worst-case scenario the DHS outlines is that Russian intelligence agencies might work with Kaspersky officials to extract data from USA systems, using the very software that U.S. government agencies have installed to protect themselves.

The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.

Just a few days ago, Best Buy pulled Kaspersky's products from its shelves with claims that there were "too many unanswered questions" about the connections the company has with Russian intelligence services.

Kaspersky counts among its ranks former Russian intelligence officials and has assisted Russian authorities in investigations of cybercrime, but such links to domestic security services and assistance are routine in the cybersecurity industry.

President Trump's administration has today ordered the removal of all Kaspersky security products from U.S. government IT systems, citing claims that the company is vulnerable to influence from the Russian government. Agencies will have 30 days to "identify any presence of Kaspersky products on their information systems", 60 days to develop plans to remove and discontinue use of the products, and 90 days to implement said plans.

"The reason all this drama is happening is because there were articles that came out indicating that Kaspersky had ties to the Russian government", said Dan Tentler, founder of Phobos Group.

The federal ban could lead to pressure on state and local governments to ditch Kaspersky products as well. In doing so, the GSA suggested a vulnerability exists in Kaspersky that could give the Kremlin backdoor access to the systems the company protects.

The decision by the Trump administration comes as the US Senate was planning to vote as soon as this week on a defense policy spending bill that includes language that would ban Kaspersky Lab products from being used by US government agencies.

"Kaspersky Lab doesn't have inappropriate ties with any government, which is why no credible evidence has been presented publicly by anyone or any organization to back up the false allegations made against the company", a spokesperson for Kaspersky Lab said in a statement to the Washington Post.

"The truth is we don't know if Kaspersky has direct ties", he said.

  • Joey Payne