20 years ago, Eugene Kaspersky founded Kaspersky Lab. You’ll find the anti-malware software the company develops installed on computers all over the world. You won’t, however, find it installed on U.S. government computers if the Department of Homeland Security has its way.
Today, the DHS issued a “binding operational directive” that called on all Federal Executive Branch departments and agencies to stop using Kaspersky products. Those department and agencies have just 30 days to locate all instances of a Kaspersky product on their systems, 30 more to come up with a plan to remove and replace that software, and 30 more to start executing that plan.
90 days from discovery to replacement is a very tight schedule in the world of I.T., particularly when you’re talking about the normally slow-moving world of government systems. That underscores just how urgent Homeland Security believes this situation is.
As spelled out in the Directive, the Department’s concern is that “ties between certain Kaspersky officials and Russian intelligence and other government agencies” coupled with laws that grant the country’s intelligence agencies to force firms like Kaspersky to spy on communications sent to its servers in Russia. “The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security,” the Directive states.
For months now, there’s been a storm brewing around Kaspersky security software. In July, the Trump administration dropped Kaspersky from the General Services Administration’s list of approved vendors. It’s worth noting that Russia shares these concerns over foreign software. A senior Russian official made similar demands in February of last year, requesting that his government ban the use of all Microsoft products. It was actually the second time a Russian official had singled out Microsoft in the past three years.
Earlier this month, Kaspersky Labs’ U.S. branch posted a response to Senator Jeanne Shaheen’s (D, NH) scathing editorial. Kaspersky has defended his company on multiple occasions, too, most recently this morning right here at Forbes.com.
In that post he lamented that “misinformation and inaccurate perceptions are driving forward a dangerous agenda that may impact global cybersecurity.” Kaspersky added that the company “want[s] to help, but unfortunately the current geopolitical turbulence and recent allegations do not help us in protecting America.”