SCOLD WAR: Kaspersky drags Uncle Sam into court to battle AV ban

Russian biz sues US govt for torpedoing anti-malware tool installations

By Shaun Nichols in San Francisco


Embattled Russian security software maker Kaspersky Lab has taken the American government to a US federal court to overturn Uncle Sam's ban on its antivirus tools.

The Moscow-based developer claimed the US Department of Homeland Security acted illegally when, back in September, the department publicly told federal agencies they could no longer use any Kaspersky products on their machines.

Kaspersky argued that the order, known as binding operational directive 17-01, is unconstitutional, and relied on "subjective, non-technical public sources" that amounted to little more than rumors.

"Furthermore, DHS [the Department of Homeland Security] has failed to provide the company adequate due process to rebut the unsubstantiated allegations underlying the directive, and has not provided any evidence of wrongdoing by the company," Kaspersky Lab said in announcing its appeal against the order on Monday.

"As a result, DHS’s actions have caused undue damage to both the company’s reputation in the IT security industry and its sales in the US. It has unfairly called into question Kaspersky Lab’s fundamental principles of protecting its customers and combatting cyber threats, regardless of their origin or purpose. In filing this appeal, Kaspersky Lab hopes to protect its due process rights under the US Constitution and federal law and repair the harm caused to its commercial operations, its US-based employees, and its US-based business partners."

The directive ordered IT administrators at US government agencies to wipe all copies of Kaspersky Lab products from their machines by the end of this year. This came after fears were raised that Kaspersky was secretly passing information from its customers' computers, including top-secret American government files, to Russian intelligence agencies.

In December, a former NSA worker admitted to taking home classified documents and security exploits only to have them detected and uploaded to Kaspersky's cloud for analysis by his copy of Kaspersky antivirus on his home PC. According to anonymous US government sources, Russian FSB spies accessed those documents via Kaspersky's software.

Kaspersky has long denied any dodgy collaborations with Kremlin snoops, though it is understood the company can be compelled, by law, to hand over data to President Putin's surveillance agencies. The thought of Russian intelligence, or any old miscreants, extracting sensitive information from US federal PCs via Kaspersky's tools, frankly, freaks out American officials.

The biz hopes to wield the US Administrative Procedure Act like a hammer in a Washington DC federal court, and deliver a knockout blow to the directive on the basis that it is allegedly unconstitutional. Kaspersky also claimed it tried to negotiate and cooperate with Homeland Security to ensure it can keep its software on government computers, but did not hear anything from Uncle Sam on the matter.

"Because Kaspersky Lab has not been provided a fair opportunity in regards to the allegations and no technical evidence has been produced to validate DHS's actions, it is in the company’s interests to defend itself in this matter," Kaspersky founder and CEO Eugene Kaspersky said of the appeal.

In a statement, issued alongside the directive, a Homeland Security spokesperson said: "Kaspersky antivirus products and solutions provide broad access to files and elevated privileges on the computers on which the software is installed, which can be exploited by malicious cyber actors to compromise those information systems.

"The department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks.

"The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security." ®
