Kaspersky Lab ban: What we know so far about the US government's antivirus crackdown
Kaspersky Lab software must be removed from all federal systems within 90 days.
Worries rippled through the consumer market for antivirus software after the US government banned federal agencies from using Kaspersky Labs software on Wednesday (13 September).
The directive issued by acting Homeland Security Secretary Elaine Duke comes as various US law enforcement and intelligence agencies and several congressional committees are investigating Russian meddling in the 2016 presidential election.
Kaspersky said in a statement that it was disappointed by the directive and insisted "it does not have unethical ties or affiliations with any government, including Russia."
Duke directed all US federal agencies and departments to stop using products or services supplied directly or indirectly by the Russian-owned and operated company.
The directive gives agencies 30 days to determine whether they are using any Kaspersky products.
The software must be removed from all information systems within 90 days.
"The department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies," the directive said.
It said the department also is concerned about Russian laws that would permit Russian spy agencies to compel Kaspersky to provide assistance or intercept communications transiting Russian networks.
"The risk that the Russian government - whether acting on its own or in collaboration with Kaspersky - could capitalise on access provided by Kaspersky products (in order) to compromise federal information and information systems directly implicates US national security," the directive said.
The directive provides Kaspersky an opportunity to respond or mitigate the department's concerns. Kaspersky said the company was happy to have an opportunity to provide information to show that the allegations are unfounded.
"No credible evidence has been presented publicly by anyone or any organisation as the accusations are based on false allegations and inaccurate assumptions, including claims about the impact of Russian regulations and policies on the company," Kaspersky said.
Kaspersky said it is not subject to the Russian laws cited in the directive and said information received by the company is protected in accordance with legal requirements and stringent industry standards, including encryption.
"Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts, and it's disconcerting that a private company can be considered guilty until proven innocent, due to geopolitical issues," Kaspersky said.
Electronics retailer Best Buy has removed Kaspersky products from its shelves, although it declined to explain why. Amazon, which sells Kaspersky software, declined to comment.
Staples and Office Depot, both of which sell the software, didn't immediately return messages seeking comment.
The chief executive of the software company, Eugene Kaspersky, is a mathematical engineer who attended a KGB-sponsored school and once worked for Russia's Ministry of Defence.
His critics say it's unlikely that his company could operate independently in Russia, where the economy is dominated by state-owned companies and the power of spy agencies has expanded dramatically under President Vladimir Putin.
At a Senate intelligence committee hearing in May, top US officials were asked whether they would be comfortable with Kaspersky software on their computers.
"No" was the reply given by then-acting FBI Director Andrew McCabe, CIA Director Mike Pompeo, National Intelligence Director Dan Coats, National Security Agency Director Adm. Mike Rogers, National Geospatial-Intelligence Agency Director Robert Cardillo and Defense Intelligence Agency Director Lt. Gen. Vincent Stewart.
Democrats on Capitol Hill applauded the decision.
Nicholas Weaver, a computer security researcher at the University of California, Berkeley, called the US government decision "prudent," after arguing for such a step in July. But he added by email, "for most everybody else, the software is fine."
The biggest risk to US government computers is if Moscow-based Kaspersky is subject to "government-mandated malicious update," Weaver wrote this summer.
Another expert, though, suggested that consumers should also uninstall Kaspersky software to avoid any potential risks.
Michael Sulmeyer, director of a cybersecurity program at Harvard, noted that antivirus software has deep access to one's computer and network.
"Voluntarily introducing this kind of Russian software in a geopolitical landscape where the US-Russia relationship is not good at all, I think would be assuming too much risk," he said.
"There are plenty of alternatives out there."
Sulmeyer also said retailers should follow Best Buy's lead and stop selling the software.
Earlier this week, Kaspersky Lab announced plans to open three new offices in North America while also restructuring resources away from a prior focus on US government contracts.
Eugene Kaspersky recently was forced to deny having close links to Russian intelligence, previously calling such accusations "extremely frustrating."
"Because I'm a self-made entrepreneur who, due to my age and nationality, inevitably was educated during the Soviet-era in Russia, they mistakenly conclude my company and I must be bosom buddies with the Russian intelligence agencies," he wrote in a recent blog.
"We want the government, our users and the public to fully understand that having Russian roots does not make us guilty," he added.
On 27 June this year, the FBI questioned at least a dozen Kaspersky Lab employees in their homes, allegedly to ask about the internal structure of the company.
Kaspersky products account for about 5.5% of anti-malware software products worldwide, according to research firm Statista.
The company currently boasts more than 400m customers globally.
© Copyright IBTimes 2024. All rights reserved.