SCOLD WAR: Kaspersky drags Uncle Sam into court to battle AV ban

Russian biz sues US govt for torpedoing anti-malware tool installations

By Shaun Nichols in San Francisco

Embattled Russian security software maker Kaspersky Lab has taken the American government to a US federal court to overturn Uncle Sam's ban on its antivirus tools.

The Moscow-based developer claimed the US Department of Homeland Security acted illegally when, back in September, the department publicly told federal agencies they could no longer use any Kaspersky products on their machines.

Kaspersky argued that the order, known as binding operational directive 17-01, is unconstitutional, and relied on "subjective, non-technical public sources" that amounted to little more than rumors.

"Furthermore, DHS [the Department of Homeland Security] has failed to provide the company adequate due process to rebut the unsubstantiated allegations underlying the directive, and has not provided any evidence of wrongdoing by the company," Kaspersky Lab said in announcing its appeal against the order on Monday.

"As a result, DHS’s actions have caused undue damage to both the company’s reputation in the IT security industry and its sales in the US. It has unfairly called into question Kaspersky Lab’s fundamental principles of protecting its customers and combatting cyber threats, regardless of their origin or purpose. In filing this appeal, Kaspersky Lab hopes to protect its due process rights under the US Constitution and federal law and repair the harm caused to its commercial operations, its US-based employees, and its US-based business partners."

The directive ordered IT administrators at US government agencies to wipe all copies of Kaspersky Lab products from their machines by the end of this year. This came after fears were raised that Kaspersky was secretly passing information from its customers' computers, including top-secret American government files, to Russian intelligence agencies.

In December, a former NSA worker admitted to taking home classified documents and security exploits only to have them detected and uploaded to Kaspersky's cloud for analysis by his copy of Kaspersky antivirus on his home PC. According to anonymous US government sources, Russian FSB spies accessed those documents via Kaspersky's software.

Kaspersky has long denied any dodgy collaborations with Kremlin snoops, though it is understood the company can be compelled, by law, to hand over data to President Putin's surveillance agencies. The thought of Russian intelligence, or any old miscreants, extracting sensitive information from US federal PCs via Kaspersky's tools, frankly, freaks out American officials.

The biz hopes to wield the US Administrative Procedure Act like a hammer in a Washington DC federal court, and deliver a knockout blow to the directive on the basis that it is allegedly unconstitutional. Kaspersky also claimed it tried to negotiate and cooperate with Homeland Security to ensure it can keep its software on government computers, but did not hear anything from Uncle Sam on the matter.

"Because Kaspersky Lab has not been provided a fair opportunity in regards to the allegations and no technical evidence has been produced to validate DHS's actions, it is in the company’s interests to defend itself in this matter," Kaspersky founder and CEO Eugene Kaspersky said of the appeal.

In a statement, issued alongside the directive, a Homeland Security spokesperson said: "Kaspersky antivirus products and solutions provide broad access to files and elevated privileges on the computers on which the software is installed, which can be exploited by malicious cyber actors to compromise those information systems.

"The department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks.

"The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security." ®
