Skip to main content

The U.S. bans Kaspersky Lab software and services in federal agencies

A close up of a woman using a laptop that is displaying Kaspersky software on its screen.
Image used with permission by copyright holder
Section 1634 of the government’s National Defense Authorization Act for Fiscal Year 2018 now bans federal agencies from using software developed by Moscow-based Kaspersky Lab. The ban became law on Tuesday, December 12, signed by President Donald Trump, after the entire NDAA was introduced as a bill by the House of Representatives in June (H.R. 2810). It also covers plans for Army/Navy/Air Force programs, Reserve Forces, office personnel policy, military justice, and more.

The ban on using anything developed by Kaspersky Lab will begin October 1, 2018. It includes any company that serves as a successor, any company with a major part owned by Kaspersky, and any entity that controls/controlled by/under common control with Kaspersky Lab. Ultimately, the law covers any software that may be remotely related to the Russian computer security firm.

Recommended Videos

“No department, agency, organization, or other element of the Federal Government may use, whether directly or through work with or on behalf of another department, agency, organization, or element of the Federal Government, any hardware, software, or services developed or provided, in whole or in part,” the law states.

Please enable Javascript to view this content

The government is now investigating the saturation of Kaspersky Lab’s software and services in federal agencies, and will submit a mostly unclassified report to congressional committees within 180 days. It will detail plans regarding the removal of software, prevention of the software, steps taken by supply chain risk management, monitoring information technology networks, and more.

“Considering the grave risk that Kaspersky Lab poses to our national security, it’s necessary that the current directive to remove Kaspersky Lab software from government computers be broadened and reinforced by statute,” said Senator Jeanne Shaheen (D-NH). “The case against Kaspersky is well-documented and deeply concerning.”

Shaheen claimed in September that Kaspersky Lab has “extensive” ties to Russian intelligence. By removing the software and discontinuing services, she believes the government will eliminate a security vulnerability that is possibly in use by Russian intelligence. At her defense are six top intelligence officials, who said during a public hearing that they wouldn’t be comfortable installing Kaspersky Lab software in their agencies. Unfortunately, their reasons are classified.

Shaheen pointed out months ago that Kaspersky Lab founder Eugene Kaspersky was part of the former Soviet Union’s KGB, and then became a software engineer for the Soviet military intelligence. And despite Kaspersky’s claims otherwise, the U.S. government supposedly has evidence that Kaspersky Lab is tied to the KGB successor: Russia’s Federal Security Service.

After Shaheen’s report in September, Kaspersky Lab said it would provide its source code to third parties as part of a new “comprehensive transparency initiative” starting early next year. The company also said it would establish transparency centers across the globe with three located in Asia, Europe, and North America by 2020. Still, Washington wasn’t completely convinced, and is now banning Kaspersky Lab’s software and services.

Naturally, Kaspersky Lab isn’t happy and accuses Congress of singling the company out due to the location of its headquarters. But if Russian intelligence really is using Kaspersky Lab software to gain data from American federal agencies, then Section 1634 is long overdue.

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Trump gives ByteDance 90 days to sell U.S. assets of TikTok
tiktok logo next to trump

President Donald Trump gave ByteDance 90 days to sell the U.S. assets of TikTok, due to "credible evidence" that the Chinese parent company presents a threat to the country's national security.

The 90 days starts from the issuance of the executive order on Friday night, which sets the deadline to divest all U.S. interest and rights by November 12. This gives ByteDance more time to secure a deal, as the company was previously only given until September 15, and until September 20 for U.S. transactions.

Read more
Trump says he’ll ban TikTok from the U.S.
Trump stylized image

President Donald Trump said he will ban the popular video app TikTok from operating in the U.S. -- and do it as early as Saturday.

Trump told reporters aboard Air Force One Friday evening that he will use emergency powers or an executive order to block the app, according to The Hill. “As far as TikTok is concerned, we’re banning them from the United States,” he told reporters. "I have that authority."

Read more
Trump to order TikTok’s Chinese owners to sell U.S. operations
Trump stylized image

President Donald Trump will reportedly order TikTok’s Chinese parent company ByteDance to sell TikTok's U.S operations.

In the official response from the White House, Trump will reportedly not ban the viral video app but will demand its U.S operations be removed from Chinese control, according to Bloomberg. This decision comes after the app drew heavy fire over its data collection policies, leading to a statement from Secretary of State Mike Pompeo that suggested the U.S would follow India’s lead in banning the app.

Read more