Sen. Jeanne Shaheen (D-N.H.) is pushing for a federal government-wide ban of security software developed by Russian cybersecurity firm Kaspersky Lab.
Sen. Shaheen claimed that the company revealed its malicious activities when it allegedly worked with Russian military intelligence and its founder Eugene Kaspersky instructed staff to work on a “secret project” for the F.S.B.'s Moscow offices, in a Sept. 6 press release.
“Americans were outraged by Russia's interference in our presidential election, but a wider threat is Russia's doctrine of hybrid warfare, which includes cybersabotage of critical American infrastructure from nuclear plants to electrical grids," Shaheen said in the release. "Kaspersky Lab, with an active presence in millions of computer systems in the United States, is capable of playing a powerful role in such an assault. It's time to put a stop to this threat to our national security.”
The senator also cited a public hearing of the Senate Intelligence Committee in May where six top intelligence officials, including the heads of the FBI, CIA and National Security Agency (NSA), unequivocally answered no when asked if they would be comfortable with Kaspersky Lab software on their agencies' computers, as an example of the threat the firm poses.
Shaheen has already successfully introduced an amendment to the Senate defense policy legislation that would bar the Defense Department from using Kaspersky Lab software and is now looking to expand the ban to all federal agencies.
Kaspersky products have previously been scrutinized as its founder graduated from the elite cryptology institute of the KGB and because Russian laws would require the company to assist the spy agency in its operations. Despite the claims, the firm maintains that it doesn't have inappropriate ties with any governments and that there is no credible public evidence to support otherwise.
““Kaspersky Lab has always acknowledged that it provides appropriate products and services to governments around the world to protect those organizations from cyberthreats, but it does not have unethical ties or affiliations with any government, including Russia,” Kaspersky Lab told SC Media in an emailed statement. “In addition, more than 85 percent of its revenue comes from outside of Russia, which further demonstrates that working inappropriately with any government would be detrimental to the company's bottom line”
The statement went on to Kaspersky Lab users have control over telemetry (data) sharing with their participation in Kaspersky Security Network (KSN) being voluntary and that business and government users may choose to install a local and private KSN center on their premises to make sure the data never leaves their facility.
“In addition, CEO Eugene Kaspersky has repeatedly offered to meet with government officials, testify before the U.S. Congress and provide the company's source code for an official audit to help address any questions the U.S. government has about the company, but Kaspersky Lab has only received a general reply from one agency at this time,” the firm said. “The company simply wants the opportunity to answer any questions and assist all concerned government organizations with any investigations, as Kaspersky Lab ardently believes a deeper examination of the company will confirm that these allegations are completely unfounded.”