US bans Kaspersky software from government agencies – CNET

US federal agencies must remove Kaspersky Lab products from government computers, under a directive from the Department of Homeland Security.

Vyacheslav Prokofyev

The Trump Administration on Wednesday ordered federal agencies to remove Kaspersky Lab products from government computers over concerns the Moscow-based cybersecurity software company might be vulnerable to Russian government influence.

In a binding directive issued by Acting Secretary of Homeland Security Elaine Duke, all federal departments and agencies have 30 days to identify any Kaspersky products in use on their networks. The departments then have another 60 days to begin removal of the software, which the DHS worries might pose a security risk due to connections the company has to the Russian government.

The Department of Homeland Security “is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” the department said in a statement.

“The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security,” the department said.

Kaspersky rejected the allegations, saying in a statement it “doesn’t have inappropriate ties with any government, which is why no credible evidence has been presented publicly by anyone or any organization to back up the false allegations made against the company.”

Kaspersky went on to say Russian law requiring data sharing is being misinterpreted by some and doesn’t apply to the company.

“Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts, and it’s disconcerting that a private company can be considered guilty until proven innocent, due to geopolitical issues,” Kaspersky said, adding it looked forward to working with the DHS to prove the allegations are “without merit.”

Cybersecurity has become a hot topic in Washington as concerns have mounted over email leaks during the 2016 presidential election campaign and reports of Russian online meddling, as well as breaches at government agencies and in the business world. In May, President Donald Trump signed an executive order on cybersecurity that calls for US government agencies to modernize and strengthen their computer systems.

Similar bans against US government use of Kasperksy products have been suggested before. In June, a proposal prohibiting the US military from using the company’s products was reportedly included in the Senate’s draft of the Department of Defense’s budget rules.

Special Reports: All of CNET’s most in-depth features in one easy spot.

It’s Complicated: This is dating in the age of apps. Having fun yet? These stories get to the heart of the matter.

Leave a Reply

Your email address will not be published. Required fields are marked *