The News

U.S. Agencies Ordered to Stop Using Russian Company’s Software

Eugene Kaspersky, Russian antivirus programs developer and chief executive of Russia's Kaspersky Lab, poses for a photo on a balcony at his company's headquarters in Moscow, Russia, Saturday, July 1, 2017. photo: AP/Pavel Golovkin

WASHINGTON – The U.S. on Wednesday banned federal agencies from using computer software supplied by Kaspersky Lab because of concerns about the company’s ties to the Kremlin and Russian spy operations.

The directive issued by acting Homeland Security Secretary Elaine Duke comes as various U.S. law enforcement and intelligence agencies and several congressional committees are investigating Russian meddling in the 2016 presidential election.

Kaspersky said in a statement that it was disappointed by the directive and insisted “it does not have unethical ties or affiliations with any government, including Russia.”

Duke directed all U.S. federal agencies and departments to stop using products or services supplied directly or indirectly by the Russian-owned and operated company. The directive gives agencies 30 days to determine whether they are using any Kaspersky products. The software must be removed from all information systems within 90 days.

“The department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies,” the directive said. It said the department also is concerned about Russian laws that would permit Russian spy agencies to compel Kaspersky to provide assistance or intercept communications transiting Russian networks.

“The risk that the Russian government — whether acting on its own or in collaboration with Kaspersky — could capitalize on access provided by Kaspersky products (in order) to compromise federal information and information systems directly implicates U.S. national security,” the directive said.

The directive provides Kaspersky an opportunity to respond or mitigate the department’s concerns.

Kaspersky said the company was happy to have an opportunity to provide information to show that the allegations are unfounded.

“No credible evidence has been presented publicly by anyone or any organization as the accusations are based on false allegations and inaccurate assumptions, including claims about the impact of Russian regulations and policies on the company,” Kaspersky said.

Kaspersky said it is not subject to the Russian laws cited in the directive and said information received by the company is protected in accordance with legal requirements and stringent industry standards, including encryption.

“Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts, and it’s disconcerting that a private company can be considered guilty until proven innocent, due to geopolitical issues,” Kaspersky said.

The chief executive of the company, Eugene Kaspersky, is a mathematical engineer who attended a KGB-sponsored school and once worked for Russia’s Ministry of Defense. His critics say it’s unlikely that his company could operate independently in Russia, where the economy is dominated by state-owned companies and the power of spy agencies has expanded dramatically under President Vladimir Putin.

At a Senate intelligence committee hearing in May, top U.S. officials were asked whether they would be comfortable with Kaspersky software on their computers.

“No” was the reply given by then-acting FBI Director Andrew McCabe, CIA Director Mike Pompeo, National Intelligence Director Dan Coats, National Security Agency Director Adm. Mike Rogers, National Geospatial-Intelligence Agency Director Robert Cardillo and Defense Intelligence Agency Director Lt. Gen. Vincent Stewart.

DEB RIECHMANN