Attacks/Breaches

12/18/2017
03:40 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
100%
0%

Kaspersky Lab Files Lawsuit Over DHS Ban of its Products

Security firm petitions US District Court to rescind decision to prohibit its products on US federal government systems.

Kaspersky Lab is fighting back against the Trump administration's recent ban of its security products in agency networks with a lawsuit filed today in US District Court for the District of Columbia (DC).

The Moscow-based security company is seeking the appeal of US Department of Homeland Security's September 13 Binding Operational Directive 17-01 that banned federal agencies from using Kaspersky Lab security products on their systems. The DHS policy prohibiting the use of Kaspersky Lab software came in the wake of concerns about potential ties between officials at Kaspersky Lab and Russian intelligence agenices, and required federal agencies running Kaspersky software to remove it.

Eugene Kaspersky, CEO of Kaspersky, said in an open letter today that DHS's directive violated his company's rights and constitutional due process, and harmed its revenue and reputation, so legal action was merited. He also called out "rumors" and media reports.

"The company did not undertake this action lightly, but maintains that DHS failed to provide Kaspersky Lab with adequate due process and relied primarily on subjective, non-technical public sources like uncorroborated and often anonymously sourced media reports and rumors in issuing and finalizing the Directive," he wrote. "DHS has harmed Kaspersky Lab’s reputation and its commercial operations without any evidence of wrongdoing by the company. Therefore, it is in Kaspersky Lab’s interest to defend itself in this matter."

Kaspersky Lab argued its case under the Administrative Procedure Act.

Eugene Kaspersky noted that his company contacted DHS in mid-July to discuss any concerns with the company or its products, but the agency did not follow up on the company's offer to discuss its concerns.

"DHS confirmed receipt of Kaspersky Lab’s letter in mid-August, appreciating the company’s offer to provide said information and expressing interest in future communications with the company regarding this matter. Kaspersky Lab believed in good faith that DHS would take the company up on its offer to engage on these issues and hear from the company before taking any adverse action," the CEO said in the open letter. "However, there was no subsequent communication from DHS to Kaspersky Lab until the notification regarding the issuance of Binding Operational Directive 17-01 on September 13, 2017."

DHS in its decision to blacklist Kaspersky Lab software cited its concerns of Russian law requiring companies to cooperate with its intelligence agencies.

"The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks," the Department of Homeland Security stated in its ban decision. "The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security." 

According to the firm, it is calling for its due process and "repair the harm caused to its commercial operations, its U.S.-based employees, and its U.S.-based business partners."  

"Because Kaspersky Lab has not been provided a fair opportunity in regards to the allegations and no technical evidence has been produced to validate DHS's actions, it is in the company's interests to defend itself in this matter. Regardless of the DHS decision, we will continue to do what really matters: make the world safer from cybercrime," Eugene Kaspersky said in a statement.

Related Content:

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Jim.d
50%
50%
Jim.d,
User Rank: Apprentice
12/19/2017 | 11:20:22 AM
Kaspersky Lawsuit
Won't the presence of the similar ban in the just signed National Defense Authorization Act make overturning this even more difficult?  Seems to me that the courts are reluctant to overturn things that passed both houses of congress and then are signed by the president.  
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark Reading,  4/17/2019
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor Networks,  4/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7213
PUBLISHED: 2019-04-24
SmarterTools SmarterMail 16.x before build 6985 allows directory traversal. An authenticated user could delete arbitrary files or could create files in new folders in arbitrary locations on the mail server. This could lead to command execution on the server for instance by putting files inside the w...
CVE-2019-7214
PUBLISHED: 2019-04-24
SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch.
CVE-2019-9734
PUBLISHED: 2019-04-24
aquaverde Aquarius CMS through 4.3.5 writes POST and GET parameters (including passwords) to a log file because of incorrect if/else usage in the Log-File writer component.
CVE-2019-9928
PUBLISHED: 2019-04-24
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
CVE-2019-7211
PUBLISHED: 2019-04-24
SmarterTools SmarterMail 16.x before build 6995 has stored XSS. JavaScript code could be executed on the application by opening a malicious email or when viewing a malicious file attachment.