Following months of suspicion among the intelligence community of Kaspersky Lab's close ties with the Russian intelligence agencies, the Trump administration this week removed the company from its list of approved vendors used by the government agencies.
Earlier in the year, Moscow-based Kaspersky Labs had confirmed that the Russian law enforcement officials had arrested Ruslan Stoyanov, head of its computer incidents investigations unit as part of a probe into possible treason. While Russia believes the company may have been colluding with the US government, the US intelligence agencies have been probing into concerns that the cyber security firm's software could potentially be used by Russia to gain access to and attack US networks.
Kaspersky: "each side is attempting to use the company as a pawn in their political game"
A report by Bloomberg on Tuesday claimed that the paper had obtained internal company emails showing that Kaspersky Lab had a "closer working relationship with Russia’s main intelligence agency, the FSB, than it has publicly admitted." The report also claimed that Kaspersky had "developed security technology at the spy agency’s behest and worked on joint projects the CEO knew would be embarrassing if made public."
Kaspersky founder denied any and all the allegations made in the explosive report by Bloomberg (more in this press release).
PhD for 'banya journalism' goes to Bloomberg. Numerous allegations, misinterpretations & fakes. This story is BS brewed on political agenda
— Eugene Kaspersky (@e_kaspersky) July 11, 2017
Later on the same day, Reuters confirmed that the Trump administration is limiting government use of Kaspersky Lab software.
This decision wasn't a surprise as it was reported last month that the FBI was interviewing Kaspersky's employees in America. The company, however, said that it hadn't been "officially approached or notified by the bureau." ABC News reported that the White House, Department of Homeland Security, GSA, and other federal agencies conducted an "interagency review" of the issue.
Known as a schedule, the government list is maintained by the General Services Administration that removed the Kaspersky Lab-manufactured products from the schedule after "review and careful consideration." GSA said the decision has been taken to "ensure the integrity and security of U.S. government systems and networks and evaluate products and services available on our contracts using supply chain risk management processes."
Despite Tuesday's decision, federal agencies will still be able to use and acquire Kaspersky's services. However, they would need to do so outside of the GSA contracts, making the process more complicated. This week's decision to remove one of the world's biggest cybersecurity firm from the country's list of approved companies for products to be used by the government departments is the first concrete action taken against Kaspersky.
The antivirus maker, however, believes that it is simply "caught in the middle of a geopolitical fight where each side is attempting to use the company as a pawn in their political game." Kaspersky has repeatedly denied having any connections with both the Kremlin and the US government other than assisting "law enforcement agencies around the world with fighting cyberthreats."
"Kaspersky Lab is facing one of the most serious challenges to its business yet, given that members of the U.S. government wrongly believe the company or I or both are somehow tied to the Russian government," Eugene Kaspersky wrote in a blog post.
"Basically, it seems that because I'm a self-made entrepreneur who, due to my age and nationality, inevitably was educated during the Soviet era in Russia, they mistakenly conclude my company and I must be bosom buddies with the Russian intelligence agencies ... Yes, it is that absurdly ridiculous."
While the US government is yet to publicly share any evidence linking the AV firm with the Russian government, many in the government and the US security industry believe it is a necessary precaution. "The intelligence community has come out and said there's internal evidence saying Kaspersky is not playing fair and can't really be trusted," Alex McGeorge of Immunity Inc said. "It would send a good message and be a clear statement to Russia if the US government responded in kind and took aim exactly at the Russian cyber industry. That's what a deterrent would look like."
In a statement, Kaspersky said that the company "continues to be available to assist all concerned government organizations with any investigations, and the company ardently believes a deeper examination of Kaspersky Lab will confirm that these allegations are unfounded."
At this point, it looks unlikely that the Trump administration will roll back its decision following mounting suspicion among intelligence officials and the American lawmakers.
TL;DR?
Bloomberg: Kaspersky has close links to FSB.
Kaspersky: "This story is BS brewed on political agenda."
The US government: Goodbye, Kaspersky.
