UPDATED 16:31 EDT / SEPTEMBER 13 2017

INFRA

Homeland Security bans Kaspersky software amid Russian espionage concerns

The U.S. Department of Homeland Security today ordered government agencies to stop using software made by Russian cybersecurity firm Kaspersky Lab.

Kaspersky, which has been under investigation for several months for alleged espionage activity, had already been removed from the General Services Administration’s list of approved vendors in June. The new Binding Operational Directive from the DHS officially bars the company’s software from all federal executive branch departments and agencies.

As part of the new order, government agencies have 30 days to determine if their systems use software from Kaspersky, 60 days to develop plans for its removal and then 90 days to completely remove the software from their systems “unless directed otherwise by DHS based on new information.”

Founder Eugene Kaspersky (pictured) offered to provide the source code of his company’s software to the U.S. government in July, saying that he was willing to do “anything I can do to prove that we don’t behave maliciously.” However, it appears that the DHS is not satisfied with Kaspersky’s assurances.

“This action is based on the information security risks presented by the use of Kaspersky products on federal information systems,” the DHS said in a statement. “Kaspersky anti-virus products and solutions provide broad access to files and elevated privileges on the computers on which the software is installed, which can be exploited by malicious cyber actors to compromise those information systems.”

The DHS offered some explanation for the move: “The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks. The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.”

The department said that its priority is to “ensure the integrity and security of federal information systems.” The agency also said that though this ban specifically affects a Russian company, the DHS will take the same action against any company that might “present a security risk.”

Photo: Kaspersky Lab [CC BY 2.0], via Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU