Kaspersky hauling Homeland Security to court to overturn federal ban

Kaspersky Lab has filed an appeal in the United States Federal Court to overturn the September ban imposed by the Department of Homeland Security (DHS).

At the time, DHS issued a binding directive to all federal agencies to find and end the use of Kaspersky software within 90 days, citing concerns around the Russian-based company's ties to the Kremlin.

In response, Kaspersky Lab is saying it did not receive due process, and that DHS has harmed the company's reputation and commercial interests "without any evidence".

"[DHS] relied primarily on subjective, non-technical public sources like uncorroborated and often anonymously sourced media reports and rumors in issuing and finalizing the directive," eponymous CEO Eugene Kaspersky wrote in a blog post.

Kaspersky said the company wrote to DHS in mid-July to try to address any concerns the agency had, and while DHS acknowledged receipt of the communication, it did not follow up.

"There was no subsequent communication from DHS to Kaspersky Lab until the notification regarding the issuance of Binding Operational Directive 17-01 on September 13, 2017," Kaspersky said.

When issuing the ban, DHS said Kaspersky products caused infosec risks on federal information systems, had broad access to files and elevated privileges, and could be "exploited by malicious cyber actors to compromise those information systems".

These capabilities are not unique to his company, Kaspersky wrote, and DHS could have addressed the issue holistically rather than singling out his company.

"Despite the relatively small percentage of the company's US revenue attributable to active software licences held by federal government entities, DHS' actions have caused a disproportionate and unwarranted adverse impact on Kaspersky Lab's consumer, commercial, and state, local, and education business interests in the United States and globally," Kaspersky said.

"DHS has harmed Kaspersky Lab's reputation, negatively affected the livelihoods of its US-based employees and US-based business partners, and undermined the company's contributions to the broader cybersecurity community."

DHS had previously claimed that Russian law allows Moscow's intelligence agencies to request or compel assistance from Kaspersky Lab and to intercept communications transiting Russian networks.

"The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalise on access provided by Kaspersky Lab products to compromise federal information and information systems directly implicates US national security," DHS said.

In November, Kaspersky said that if the Kremlin did ask the company to spy, the business would be moved outside Russia.

"We've never helped espionage agencies. It doesn't matter if they're Russians or from any other nation. We do our best at our products and services," Kaspersky said at the time.

"They're designed to stop attacks, to recognise malicious code, not to spy on our customers."

In October, it was reported that Israeli intelligence officers hacked Kaspersky Labs in 2014, and found Russia government hackers using its antivirus software to "search computers around the globe for US intelligence programs".

Related Coverage

• Eugene Kaspersky: We would quit Moscow if Russia asked us to spy
• Kaspersky finds backdoor in business software that left hundreds of companies vulnerable
• Kaspersky says NSA hacking tools obtained after malware was found
• Kaspersky Lab tries to claw back trust with transparency initiative
• Israeli hackers caught Russian hackers exploiting Kaspersky, NYT reports
• Beyond Kaspersky: How a digital Cold War with Russia threatens the IT industry
• Ransomware: A cheat sheet for professionals (TechRepublic)
• UK companies hoarding Bitcoin to prepare for ransomware attacks (TechRepublic)
• Homeland Security bans Kaspersky Lab software across US government
• Kaspersky Lab secures contract with Brazilian Armed Forces