Cybersecurity

House panel asks agencies for docs from Russian cyber firm

A House panel has asked nearly two dozen government agencies for documents on Russian-origin cybersecurity firm Kaspersky Lab.

The House Science, Space and Technology Committee made the request to 22 different government agencies in letters that were released by the committee on Friday.

House Science Chairman Lamar Smith (R-Texas) wrote in the letters, sent Thursday, of concern that the cybersecurity firm’s products could be used to conduct “espionage” or “nefarious activities against the United States.”

Kaspersky Lab, which has headquarters in Moscow but operates around the world, including in the United States, has fallen under increased scrutiny over alleged ties to Russian intelligence.

{mosads}While the U.S. government has produced no public evidence showing the company to be somehow compromised by the Russian government, intelligence officials have nevertheless expressed concerns over its products. 

The issue was pushed to the forefront during a Senate Intelligence Committee hearing in May, when six top U.S. intelligence officials testified that they would not be comfortable with Kaspersky Lab software on their computers.

The committee has requested documents and communications about Kaspersky products dating back to the start of 2013. The letters also ask for lists of systems that use Kaspersky products or services and government contractors or subcontractors that use them. 

Smith wrote in the letters that “the committee is concerned that Kaspersky Lab is susceptible to manipulation by the Russian government, and that its products could be used as a tool for espionage, sabotage, or other nefarious activities against the United States.” 

The letters were sent to the departments of Commerce, Homeland Security, Energy and State, as well as the Pentagon and the individual service branches, in addition to several other agencies. Smith is requesting the information by Aug. 11. 

Smith couched the request as “part of an ongoing review of the federal government’s cybersecurity policies and standards.” 

The company has long described the suspicions of ties to the Russian government as baseless. Kaspersky’s anti-virus software is widely lauded in cybersecurity circles, and the company boasts 400 million users worldwide. 

“Kaspersky Lab has no ties to any government, and the company has never helped, nor will help, any government in the world with its cyberespionage efforts,” the company said in an emailed statement to The Hill on Friday.

“The company has a 20 year history in the IT security industry of always abiding by the highest ethical business practices and trustworthy development of technologies, and Kaspersky Lab believes it is completely unacceptable that the company is being unjustly accused without any hard evidence to back up these false allegations,” Kaspersky said. 

The issue has been amplified by the U.S. intelligence community’s conclusion that Russia sought to interfere in the 2016 presidential election using cyberattacks and disinformation. In June, Senate lawmakers with oversight of the Defense Department inserted language into a fiscal 2018 defense policy bill that would bar the Pentagon from using Kaspersky software.

This month, the General Services Administration removed Kaspersky-manufactured products from a list of outside products approved for use by government agencies. 

The developments have frustrated the company’s founder, Eugene Kaspersky. “With the U.S. and Russia at odds, somehow, my company, its innovative and proven products as well as our amazing employees are repeatedly being defamed,” he wrote in a June blog post. 

The company’s North America division is separate from the headquarters in Russia.