The U.S. government announced Wednesday that it is phasing out federal agencies' use of security software made by the Russian brand, Kaspersky Lab. The directive was given "months" after the General Service Administration took Kaspersky off of the list of approved vendors because of a possible "vulnerability" in Kaspersky "that could give the Kremlin backdoor access to the systems the company protects," The Washington Post reported. At least six federal agencies use Kaspersky software.
"The department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks," the Department of Homeland Security said in a statement. "The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security."
In a statement to the Post, Kaspersky denied claims it had "inappropriate ties with any government," noting that "no credible evidence has been presented publicly by anyone or any organization." "The only conclusion seems to be that Kaspersky Lab, a private company, is caught in the middle of a geopolitical fight, and it's being treated unfairly even though the company has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts," the company said.
Federal agencies must discontinue use of Kaspersky software within 90 days.