The Russian cybersecurity firm Kaspersky Lab has been dogged by allegations of Russian intelligence influence for years. And a U.S. senator has just turned up the heat to boot the firm’s software off all federal systems.
In a New York Times op-ed provocatively titled “The Russian Company That Is a Danger to Our Security,” New Hampshire Democrat Jeanne Shaheen warns of Russian “cybersabotage of critical American infrastructure, from nuclear plants to electrical grids.”
“Kaspersky Lab, with an active presence in millions of computer systems in the United States, is capable of playing a powerful role in such an assault,” Shaheen wrote in her Tuesday piece. “It’s time to put a stop to this threat to our national security.”
Shaheen plans to amend the next big annual defense bill, the National Defense Authorization Act, “to ban Kaspersky software from all of the federal government.” Her stern words follow a rough American summer for Kaspersky Lab and its founder, Eugene Kaspersky, whose popular software has been used by various federal agencies.
The General Services Administration — which oversees the procurement policy for the federal government — ruled in mid-July that government agencies are not allowed to use Kaspersky products for information technology or digital photographic purposes. And on July 31, the House Science Committee sent letters to 22 government agencies asking for information about any potential use of Kaspersky software.
These moves were prompted by a series of reports in McClatchy and Bloomberg that pointed to Kremlin documents indicating Kaspersky has been working with the FSB, the Russian security and intelligence agency — even accompanying FSB agents on raids.
Shaheen’s hard line reflects the anti–Russian government attitude that’s become de rigueur among most U.S. politicians after the alleged Russian campaign to interfere in the 2016 election. However, some experts suggest that penalizing Kaspersky Lab would be a step too far. They point to some of Kaspersky’s critical work on cybersecurity, such as its effort to identify the culprits behind the devastating WannaCry hack that struck in mid-May.
“Today, the issue is one company, but plenty of technology firms have ties to intelligence services and governments,” said Philip Chertoff, a cybersecurity researcher at the think tank GLOBSEC Policy Institute, in a recent Wired op-ed. “If such bans come, these firms’ national governments will be sure to make U.S. tech firms share the pain, with retributive discrimination against U.S. products.”
In 2013, Congress passed a law restricting the use of Chinese network equipment in the United States, which put stringent limitations on how the Chinese firms ZTE and Huawei could operate, if at all, in the U.S.
A spokesperson for Kaspersky Lab said in a statement that Eugene Kaspersky is willing to meet with U.S. government officials, and that the allegations of collaboration with the FSB are false.