An embattled Russian cybersecurity company recently barred from contracting with the U.S. government reportedly risks being sanctioned by the Trump administration and prohibited from doing business with American customers once a pair of related lawsuits brought by the company in D.C. federal court reach their conclusions.
Kaspersky Lab sued the Trump administration twice in response to separate policies passed last year banning federal agencies from using its products, and the U.S. government is considering sanctioning the company once those cases are resolved, CyberScoop reported Monday, citing several unnamed U.S. intelligence officials.
Headquartered in Moscow and founded in 1997 by Eugene Kaspersky, a former software engineer for the Soviet Ministry of Defense, Kaspersky Lab has repeatedly come under fire from the U.S. and its allies lately over national security concerns raised by the use of its services and products, including its widely-sold antivirus software, amid allegations and reporting connecting the company to Russian intelligence.
The U.S Department of Homeland Security issued a binding operational directive in September barring 13 federal agencies from using Kaspersky “products, solutions and services,” and President Trump signed an annual defense bill into law in December that contained a provision outright prohibiting the federal government from contracting Kaspersky.
Kaspersky sued the U.S. government over the DHS ban and defense bill provision in December and February, respectively, and potential sanctions may be imposed once both those suits come to a close, effectively eradicating the company’s operations in the U.S. and possibly its allies, the intelligence official told CyberScoop.
“The continued actions by the U.S. government against Kaspersky Lab lack sufficient basis, have been taken without any evidence of wrongdoing by the company and rely upon subjective, non-technical public sources, such as uncorroborated and often anonymously sourced media reports and rumors, which is why the company has challenged the validity of these actions in federal court,” Kaspersky Lab said in a statement.
“Kaspersky Lab welcomes calls to declassify any credible information that can shed light on the government’s concerns regarding its operations or its products as a public good, so that the company can responsively address said concerns and the general public can better understand this matter without the ongoing obfuscation,” the statement said.
Government representatives and multiple agencies, including the U.S. National Security Council, Treasury Department and Department of Homeland Security, declined to comment, CyberScoop reported.
Sen. Jeanne Shaheen, a New Hampshire Democrat who led previous effort to ban Kaspersky, said that sanctioning Kaspersky “is a logical next step.”
“The administration must show no hesitancy in sending a strong message that Putin’s near-constant cyber-attacks and intrusions against U.S. and NATO systems and institutions will not be tolerated,” Ms. Shaheen told CyberScoop.
The DHS directive issued last year ordering government agencies to purge their systems of Kaspersky Lab products cited “ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks.”
“The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security,” DHS said in the directive.
Mr. Kaspersky has repeatedly denied assisting the Russian government’s intelligence-gathering efforts.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.