Kaspersky Strikes Back After US Government Ban

By Joseph Marks

December 19, 2017

The anti-virus company Kaspersky launched a challenge in federal court to the U.S. government’s decision to ban its products from government systems Monday, saying the Homeland Security Department rushed to judgment and didn’t give the Russian company a chance to defend itself.

Homeland Security gave civilian agencies three months to begin scrubbing Kaspersky from their systems in September after concluding the company was too closely tied to the Kremlin. That process is nearly complete, department officials have said.

That directive relied on “subjective, non-technical public sources of information” such as rumors and anonymously sourced media reports, Kaspersky charged Monday.

» Get the best international military business news each week in the Global Business Brief from Marcus Weisgerber. Sign up here.

The directive also violated Kaspersky’s due process rights because the company did not have a chance to defend itself before the ban was issued, the company said.

Genuine due process provides you with the opportunity to defend yourself and see the evidence against you before action is taken,” CEO Eugene Kaspersky said in an open letter, also released Monday. “It doesn’t ask you to respond once action is already underway.”

Homeland Security’s publicly stated reason for the ban was based on public reports about close ties between Kaspersky executives and Russian spy officials and a Russian law that might have compelled Kaspersky to help the Kremlin intercept digital communications transiting Russian networks.

An unstated explanation may have come in an October Wall Street Journal report. That report described how Russian government hackers may have used vulnerabilities in Kaspersky as a jumping off point to steal government hacking tools from a National Security Agency contractor who had downloaded them to his personal computer.

If that article is accurate, it’s still not clear that Kaspersky was aware of the vulnerability or complicit in the theft. After an internal investigation, Kaspersky acknowledged it had removed hacking tools from a computer that might have belonged to the contractor and deleted them but denied giving the tools to any third party.

The person using the computer also turned off the Kaspersky anti-virus before installing the hacking tools, giving a third party an opportunity to sneak in undetected, the company said.

Homeland Security also shunned Kaspersky’s efforts to cooperate during the buildup to the ban, the company said, including a July letter from Kaspersky that the department acknowledged receiving but didn’t respond to.

DHS’s actions have caused undue damage to both the company’s reputation in the IT security industry and its sales in the U.S.,” Kaspersky said. “It has unfairly called into question Kaspersky Lab’s fundamental principles of protecting its customers and combatting cyber threats, regardless of their origin or purpose.”


By Joseph Marks // Joseph Marks covers cybersecurity for Nextgov. He previously covered cybersecurity for Politico, intellectual property for Bloomberg BNA and federal litigation for Law360. He covered government technology for Nextgov during an earlier stint at the publication and began his career at Midwestern newspapers covering everything under the sun. He holds a bachelor’s degree in English from the University of Wisconsin in Madison and a master’s in international affairs from Georgetown University.

December 19, 2017

http://www.defenseone.com/threats/2017/12/kaspersky-strikes-back-after-us-government-ban/144677/