U.S. Senate committee wants to ban Kaspersky products from the Department of Defense

Cites reports of “Russian government influence,” but still not a trace of evidence…

David bisson
David Bisson

U.S. Senate committee intent on prohibiting DOD's use of Kaspersky products

A committee in the United States Senate intends to prohibit the Department of Defense from using Kaspersky Lab’s products for fear of “Russian government influence”.

In its National Defense Authorization Act (NDAA) for Fiscal Year 2018 (PDF), the Senate Armed Services Committee sets out funding for the U.S. military. The NDAA proposes $640 billion for 2018. This amount exceeds President Trump’s budget request in order to “help the U.S. military restore readiness, rebuild capacity, and modernize the force for future challenges.”

On page 12, the act contains a section on “Countering Russian Aggression”. Therein we find a very peculiar clause:

“Prohibits the DOD from using software platforms developed by Kaspersky Lab due to reports that the Moscow-based company might be vulnerable to Russian government influence.”

Screen shot 2017 06 29 at 8.52.59 am

This clause doesn’t come as too much of a surprise considering recent events. In May 2017, Defense Intelligence Agency Director Vincent Stewart told a Senate Committee they were reviewing the U.S. government’s use of Kaspersky’s products for fear that Moscow might use the security firm’s software to hack American corporate networks.

As quoted by Reuters:

“We are tracking Kaspersky and their software. There is as far as I know no Kaspersky software on our networks.”

During that hearing, Sen. Marco Rubio, R-Fla., asked the chiefs of the NSA, Central Intelligence Agency, FBI, and three other intelligence agencies if they would be comfortable using Kaspersky’s products. Each said no. Perhaps that’s because they still believe some (misrepresenting) reports from back in 2015 that Eugene Kaspersky secures contracts for his company with Russian spies when he heads to the sauna.

Kaspersky boxIn a statement to the media, Kaspersky Lab has said it “has no ties to any government, and the company has never helped, nor will help, any government in the world with its cyberespionage efforts. The company has a 20-year history in the IT security industry of always abiding by the highest ethical business practices, and Kaspersky Lab believes it is completely unacceptable that the company is being unjustly accused without any hard evidence to back up these false allegations. Kaspersky Lab is available to assist all concerned government organizations with any ongoing investigations, and the company ardently believes a deeper examination of Kaspersky Lab will confirm that these allegations are unfounded.”

Statements like that, however, haven’t been enough to stop FBI agents grilling several of the company’s US employees on Tuesday night.

Just like Sophos aids the British government, and American firms cooperate with U.S. officials, Kaspersky Lab does work with the Russian government to help identify and track down criminal hacker groups. But this collaborative effort in the interest of digital security doesn’t imply criminal collusion. In fact, the U.S. government has yet to produce a shred of evidence backing up their suspicions of Russian influence.

Sign up to our free newsletter.
Security news, advice, and tips.

With that said, we said it before, and we’ll say it again:

“If someone genuinely believes Kaspersky’s software is somehow secretly spying on selected customers, now’s the time to put up or shut up. Show us the evidence.”

Otherwise, stop wasting everyone’s time.

David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

5 comments on “U.S. Senate committee wants to ban Kaspersky products from the Department of Defense”

  1. Nuke'em

    This is a non story. The DoD has had policy in place for years requiring manufacturers of certain parts, e.g. integrated circuits for certain equipment items, be verified as trusted. Holding antivirus software manufacturers to the same type of scrutiny is warranted and should have been implemented long ago.

  2. J.R. Guthrie

    After the Bloomberg interviews, I was already done with Kaspersky. LogMeIn, are you getting this yet?

  3. Alfonso

    CIA, NSA tools? Microsoft interfering with Kaspersky Security and literally stopping it from doing it's work? Why don't we go after the real bad guys who are doing all the damage?

    How is that Win Defender doing for you?

    I believe all security companies have to twitch with all key infrastructures security in every government industries, corporations, etc to actually verify how secure or insecure they are. This is one way to discover bugs, vulnerabilities, etc. ( You have bad and good actors )

    They are going after Kaspersky because they can.

  4. Pete

    I love the irony in the fact that NSA says they wouldn't be "comfortable" using Kaspersky products. Of course they wouldn't. They prefer to do their own undetected spying.

    Anyhow, this whole thing about banning Kaspersky's software is stupid. Is the U.S. state admitting that they are utterly incompetent to examine the software and verify whether it's doing anything sinister?

    And what about the fact that the Russian state uses software produced in the U.S.? I would fully expect the Russians to retaliate by banning U.S. software if this fear-mongering against Kaspersky is allowed to stand.

    Sure enough, today (June 30), Russia threatened retaliation against U.S. software companies if Kaspersky's software is banned: https://www.bloomberg.com/news/articles/2017-06-30/russia-threatens-retaliation-if-pentagon-bans-kaspersky-software-j4k2inwq

    Terrific. The only thing these political clowns are going to accomplish is to prove (once again) that stupidity is self-propagating.

  5. Jim

    Hum, perhaps good business for USA antivirus companies? Wouldn't be the first time that policy was guided by local business concerns.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.