Russian-based Kaspersky Lab has sued the U.S. government over a decision to ban use of the company’s products at all federal agencies due to national security concerns.
Continue Reading Below
The world’s largest private cybersecurity company filed the claim with the U.S. District Court for the District of Columbia on Monday, alleging that the White House had deprived it of due process.
“DHS failed to provide Kaspersky Lab with adequate due process and relied primarily on subjective, non-technical public sources like uncorroborated and often anonymously sourced media reports and rumors in issuing and finalizing the Directive,” the company’s CEO Eugene Kaspersky wrote in an open letter. “DHS has harmed Kaspersky Lab’s reputation and its commercial operations without any evidence of wrongdoing by the company.”
In September, the Department of Homeland Security (DHS) issued a binding operational directive to all federal agencies and departments to remove Kaspersky Lab software due to suspicions regarding potential national security risks.
President Donald Trump signed the ban into law last week, as part of the Fiscal Year 2018 National Defense Authorization Act.
DHS said it was concerned that the software, installed on computers with access to files “and elevated privileges could be exploited by malicious cyber actors to compromise those information systems.” In addition to concerns over whether Kaspersky products could leave U.S. systems vulnerable to malicious actors, the U.S. government said the company could have ties to the Kremlin – whether those ties are in the form of voluntary collaboration or mandated under law by the Russian government.
All departments were given 30 days to identify the presence of Kaspersky products within their agency and 90 days to discontinue use and remove the products from their information systems.
A federal official said only about 15% of government agencies had Kaspersky software installed.
Last month, Kaspersky Lab chief Eugene Kaspersky admitted to accessing classified digital surveillance tools from a U.S. government computer in 2014 and sending it to servers in Moscow. Kaspersky said the company’s analysts were tracking a powerful group of hackers and were triggered by an alert on a computer an NSA employee took home. The information, he said, was promptly deleted and not sent to any third parties.
Kaspersky Lab has repeatedly denied the White House’s primary concerns.