Another US government committee takes aim at Kaspersky Lab
Worries about 'espionage, sabotage, or other nefarious activities' cough - NSA! - cough
A major US House of Representatives committee wants 22 government agencies to tell it where they've got Kaspersky Lab products in their networks.
The demand by the House of Representatives Committee on Science, Space and Technology comes amid escalating tension between the USA and Russia, after the latter on Sunday told the former to cut the size of its diplomatic missions by 755 people.
Kaspersky Lab has encountered other difficulties as the two antagonists find ways to irritiate one another: in June, staff were questioned by the FBI after a series of night raids, and the Senate Armed Services Committee recommended it be blocked from military contracts.
Kaspersky responded in July with an offer to show its source code to the USA, but mid-month, the government's General Services Administration removed the company from the US government list of approved vendors.
Late last week the science committee joined in, firing off a 122-page missive [PDF] to the 22 recipients.
The committee wants agencies to comb their files back to 2013 and provide “information regarding computers, systems, data, and any other information that may be accessible to Kaspersky Lab from each agency”, the committee's press release states.
Committee chair, Republican Lamar Smith, writes that the committee “is concerned that Kaspersky Lab is susceptible to manipulation by the Russian government, and that its products could be used as a tool for espionage, sabotage, or other nefarious activities against the United States”.
Smith's letter calls 2015's “Kasperskygate”, in which the company flagged rival AV packages as malicious.
The company said it was a simple false-positive accident, but the letter follows the Reuters line at the time, saying it was “a 'sabotage' campaign undoubtedly targeting the US cybersecurity market”.
At the time, even Symantec discounted the accusations, with Symantec researcher Liam O'Murchu saying the accusations were probably misguided.
Not good enough, writes Smith: “the Russian government could use products manufactured by Kaspersky Lab as a medium for engaging in nefarious cyber campaigns against US information systems … that are purportedly protected by the company's products”.
The letter went to all cabinet-level government agencies, including the Department of Commerce, the Department of Homeland Security, the Environmental Protection Agency and NASA. ®
Sponsored: Becoming a Pragmatic Security Leader