The US government has ordered federal agencies to stop using software made by the Russian security firm Kaspersky Lap. This development happens amidst growing concerns about the company’s probable connections with the Russian intelligence, as per reports.The US DHS (Department of Homeland Security) has, in a press release, stated- ” After careful consideration of available information and consultation with interagency partners, Acting Secretary of Homeland Security Elaine Duke today issued a Binding Operational Directive (BOD) directing Federal Executive Branch departments and agencies to take actions related to the use or presence of information security products, solutions, and services supplied directly or indirectly by AO Kaspersky Lab or related entities…The BOD calls on departments and agencies to identify any use or presence of Kaspersky products on their information systems in the next 30 days, to develop detailed plans to remove and discontinue present and future use of the products in the next 60 days, and at 90 days from the date of this directive, unless directed otherwise by DHS based on new information, to begin to implement the agency plans to discontinue use and remove the products from information systems.”
The move comes in the wake of mounting concerns about Kaspersky products, which have already developed into an issue in the US. Earlier this year, a US congressional panel had asked federal government agencies to share documents on Kaspersky Lab stating that Kaspersky products could be used for nefarious activities against the US. Later, in May, intelligence officials told a Congressional committee that they were reviewing government use of Kaspersky software after senators raised concerns that Russia might use Kaspersky products to attack American computer networks. In July, the General Services Administration removed Kaspersky from an approved-vendors list. There was also an attempt to ban the use of Kaspersky products by the US Department of Defense. Then there were reports about the FBI urging private sector companies to ditch Kaspersky software. Now, the DHS moves to ban the usage of Kaspersky security software by federal agencies.
The DHS, in its statement, explains the reasons that prompted the move- “The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks. The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.”
An NBC News report points out that Eugene Kaspersky, the billionaire owner of Kaspersky Lab, the products of which are widely used in the US, “…has close ties to some Russian intelligence figures, according to U.S. Officials.” The report also says- “Kaspersky Lab paid former national security adviser Michael Flynn $11,250 in 2015 for cybersecurity consulting, according to public documents, but that was not a focus of the FBI questioning, multiple sources said.”
This new Kaspersky ban could deal a great blow to the reputation of the company, if not to the business directly. The company’s US federal government business is relatively small, as per reports.
Kaspersky Labs has, however, refuted the allegations. The DHS has given Kaspersky Labs 90 days time to prove that its products don’t pose a security risk to the US, or to mitigate concerns, if any.