US Orders Federal Agencies to Remove Kaspersky Products
By Jeff Seldin September 13, 2017
U.S. security officials on Wednesday ordered government agencies to get rid of products and services from Kaspersky Lab, a Moscow-based cybersecurity firm.
Department of Homeland Security Acting Secretary Elaine Duke issued the directive, giving agencies 90 days to comply.
"This action is based on the information security risks presented by the use of Kaspersky products on federal information systems," according to a DHS statement.
The department said the key concerns were ties "between certain Kaspersky officials and Russian intelligence and other government agencies."
"This is a risk-based decision we need to make," said White House cybersecurity coordinator Robert Joyce, speaking at the Billington CyberSecurity Summit in Washington.
"The company must collaborate with the FSB [Russian intelligence], and so, for us in the government, that was an unacceptable risk," Joyce said.
The U.S. said it would give Kaspersky an opportunity to address its concerns in writing.
Kaspersky has repeatedly denied it helps Russia with espionage efforts. On Tuesday, company founder Eugene Kaspersky took to Twitter to try to calm fears.
"Despite geopolitical turbulence we remain committed to American customers," he said.
The DHS directive came hours after the top U.S. intelligence official warned that Russia has been ramping up the pace of its operations against the United States.
"Russia has clearly assumed an ever more aggressive cyberposture by increasing cyberespionage operations, leaking data stolen from those operations," Director of National Intelligence Dan Coats said at the cybersecurity summit.
Coats did not elaborate on the scope or target of Russia's cyberoperations, but warned that a range of enemies were increasingly seeking to weaponize public opinion.
"Adversaries use the internet as an echo chamber in which information, ideas or beliefs get amplified or reinforced through repetition," Coats said. "Their efforts seek to undermine our faith in our institutions or advance violence in the name of identity."
The top U.S. intelligence official also said hackers were increasingly targeting the U.S. defense industry.
"Such intrusions, even if intended for theft and espionage, could inadvertently cause serious if not catastrophic damage, where an adversary looking for small-scale destructive cyberaction against the United Sates could miscalculate," Coats said.
In an unclassified report released in January, top U.S. intelligence agencies concluded Russian President Vladimir Putin waged an unprecedented "influence campaign" in an effort to sway the 2016 U.S. presidential election in favor of then-candidate Donald Trump.
As president, Trump has repeatedly questioned those assessments, suggesting at times it was unclear whether Russia was responsible.
Just last week, however, an internal Facebook investigation found 470 Russian-linked accounts paid for thousands of political ads to appear during last year's presidential campaign.
Facebook said further investigation revealed another 2,200 ads "might have originated in Russia,'' including ads purchased by accounts with IP addresses in the United States but set to Russian in the language preferences.
Democrat Mark Warner of Virginia, vice chair of the Senate Intelligence Committee, told a security conference last week that the revelations might just be "the tip of the iceberg," and that Russia also most likely had manipulated messages via other social media platforms, such as Twitter.
Despite the doubts raised by Trump and some of his supporters, former officials have remained steadfast that Russia was responsible for hacking into Democratic National Committee computers in an effort to discredit Democratic Party candidate Hillary Clinton.
"We personally reviewed every single piece of intelligence that went into that ICA [intelligence community assessment] and spent hours and hours talking to the analysts," said former National Security Agency Deputy Director Richard Ledgett.
"I am as certain of this as I'm as certain as gravity: that the Russian government directed this activity with the intent to influence the election," he said.
|Join the GlobalSecurity.org mailing list|