Kaspersky Lab faces new wave of allegations
Russia-headquartered security vendor could be blocked from US Federal sales
Cyber security vendor Kaspersky Lab, is once again facing challenges when it comes to its Russian heritage, after reports emerged that it might be blocked from selling to the entire US federal government and that it had worked with Russian intelligence.
According to an ABC report, citing unnamed government sources, the Trump administration is considering removing Kaspersky from the GSA Schedule, which would prevent all federal agencies from buying its solutions. The report said a decision could emerge in the next few days.
Kaspersky has global headquarters in Moscow and has North American headquarters in Woburn, Massachusetts.
The Senate Armed Services Committee last month passed a bill to prohibit the US Defense Department from using the security vendor's software over concerns that it "might be vulnerable to Russian government influence." The bill still needs to make its way through Congress before being signed by President Donald Trump.
A second report, in Bloomberg, also alleged that Kaspersky had been working with the Russian intelligence agency FSB, citing internal emails it had obtained. It said the relationship included developing technologies for the agency to prevent against DDoS attacks.
Kaspersky published a lengthy blog post slamming the reports, particularly the latter Bloomberg report on its alleged relationship with the Russian intelligence community. Kaspersky said it "regularly" works with governments and law enforcement agencies around the world, but does "not have inappropriate ties with any government."
The report alleged that Kaspersky had worked in tandem with the Russian government around its anti-virus and DDoS prevention offerings. It also said it had cooperated with hosting companies and the FSB to provide intelligence on hackers and their locations for raids. Kaspersky denied all of these claims, saying it regularly works with other vendors to integrate its technologies through licensing agreements, that the Russian government is not a Kaspersky Lab DDoS Protection client, and makes hourly updates to the software in a secure way (not communicating private information).
"In the internal communications referenced within the recent article, the facts are once again either being misinterpreted or manipulated to fit the agenda of certain individuals desperately wanting there to be inappropriate ties between the company, its CEO and the Russian government, but no matter what communication they claim to have, the facts clearly remain there is no evidence because no such inappropriate ties exist," Kaspersky Lab said in an official statement.