Embattled Russian anti-virus company Kaspersky Lab has appealed against a ban of its products across US federal agencies.
Use of the company’s software has been prohibited for government bodies through a binding operational directive issued following allegations that Kaspersky Lab helped the Kremlin steal NSA tools.
Reports in The Wall Street Journal and The New York Times offered differing accounts of how the anti-virus software was allegedly used by the Russian state to capture classified hacking code.
Kaspersky Lab denied these claims. Its chief executive and namesake Eugene Kaspersky said the company was not given the opportunity to respond to the allegations in a technical manner.
The company argues that the directive, which was issued by the Department of Homeland Security, was “unconstitutional and relied on subjective, non-technical public sources such as uncorroborated and often anonymously sourced media reports, related claims, and rumours.”
Kaspersky Lab argued that Homeland Security had “failed to provide the company adequate due process to rebut the unsubstantiated allegations underlying the directive and has not provided any evidence of wrongdoing by the company”.
Whether such evidence could be provided considering the classified nature of the material alleged to have been stolen is unclear, but the company is citing the reputational and revenue impact of the directive in bringing its appeal.
In an interview with Sky News, Mr Kaspersky said that it was “very possible” that his company detected NSA malware, but denied having any improper relationship with the Russian state.
At the time, he described the allegations as “definitely not true” but said his business saw “almost zero opportunity for us to start legal action against the United States media because this information was made in such a way that it’s not possible to start the legal case”.
Announcing a global transparency initiative to attempt to repair the hit to its reputation, Kaspersky Lab subsequently released information suggesting an NSA hacker had lost agency malware after stashing it on his home computer.
It said the NSA worker had also installed pirate software which allowed other hackers access, rather than their computer being compromised via Kremlin-based hackers using Kaspersky Lab’s anti-virus software.
Concerns regarding the Kremlin’s ability to compel access to Kaspersky Lab’s systems based in Russia led to the UK’s National Cyber Security Centre warning against using the software on computers holding classified information.
NCSC’s chief executive, Ciaran Martin, said the agency was in talks with Kaspersky Lab to “develop a framework that we and others can independently verify” to safeguard its use.