Trump administration orders purge of Kaspersky products from United States government

Trump administration orders purge of Kaspersky products from United States government

Kaspersky denies that it has allowed the Kremlin access to customer data, but American officials said on Wednesday that the decision to ban Kaspersky products from federal systems was based on the risk posed by the company and its inability to resist Kremlin directives. Last week, Best Buy Co, the No.1 US electronics retailer, said it was pulling Kaspersky Lab's cyber security products from its shelves and website. Even if that doesn't occur, there are laws in Russian Federation about data privacy which have given the DHS pause for thought.

Rep. Bennie Thompson, D-Miss., the ranking member of the House Homeland Security Committee, said that since the election, questions have intensified about federal information networks use of the Russian company's software.

Duke directed all US federal agencies and departments to stop using products or services supplied directly or indirectly by the Russian-owned and operated company. The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks.

Binding Operational Directive 17-01 takes steps to address that potential security risk. Agencies will have 30 days to "identify any presence of Kaspersky products on their information systems", 60 days to develop plans to remove and discontinue use of the products, and 90 days to implement said plans.

Kaspersky did not immediately respond to a request for comment. For it to consider overturning the decision, however, it would need to address the agencies fears, or "mitigate those concerns". "The company looks forward to working with DHS, as Kaspersky Lab ardently believes a deeper examination of the company will substantiate that these allegations are without merit".

It's not the first blow in recent months for the Russian business, mind.

Longstanding suspicions about the company grew in the United States when U.S. -Russia relations deteriorated following Russia's 2014 annexation of Crimea and later when U.S. intelligence agencies determined that Russian Federation interfered in the 2016 U.S. presidential election using cyber means.

"Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts, and it's disconcerting that a private company can be considered guilty until proven innocent, due to geopolitical issues", Kaspersky said. It had also offered to submit its software to independent tests, to verify it was free of backdoors and other security loopholes.

In July, Bloomberg Businessweek published internal emails from 2009 in which founder and CEO Eugene Kaspersky told executives that the company was embarking on a new project at the behest of the FSB, the Russia's primary state security agency.

A former senior official at the company told NBC News that the company's USA federal government business is small, but the reputational damage from a federal ban would be huge.