DHS prepares for possible legal action over Kaspersky directive

Representatives from the Department of Homeland Security are preparing for legal action over their directive to remove the anti-virus software from government systems.
Kaspersky sales
(Flickr/Norwegian University of Science and Technology)

The Department of Homeland Security is continuing to remove Kaspersky Lab software from federal systems after finding that 15 percent of federal agencies detected it on their systems, DHS’s assistant secretary for cybersecurity Jeanette Manfra told Congress Tuesday.

The hearing, held by the House’s Committee on Science, Space and Technology’s Subcommittee on Oversight, focused on the September DHS directive to remove Kaspersky Lab software from federal systems.

Tuesday’s hearing comes after a similar Kaspersky-focused hearing on Capitol Hill held last month.

DHS is preparing for possible legal action from Kaspersky. Late Friday night, Kaspersky Lab delivered a long written response to Homeland Security’s directive banning software from the Moscow-based cybersecurity firm. Lawyers from DHS are reviewing the response.


“The company hopes that DHS will reconsider the repercussions of its Directive in light of the facts presented, and Kaspersky Lab continues to consider all of its possible options,” a Kaspersky Lab spokesperson told CyberScoop.

Rep. Bill Posey, R-Fla., raised his eyebrows over the prospect of legal action from Kaspersky.

“To paraphrase Clint Eastwood: ‘Go ahead and make my day,'” Posey said.

Kaspersky has repeatedly denied any wrongdoing, with company executives saying they are pawns in a U.S.-Russian geopolitical game.

Eugene Kaspersky, the Moscow-based cybersecurity firm’s founder and CEO, previously offered a source code review to the U.S. government. Manfra brushed off the offer and said although it would be welcome, it would not be sufficient to alleviate the government’s concerns.


Cybersecurity experts have repeatedly pointed out that a source code review would reveal little about the ongoing action of Kaspersky’s anti-virus for several reasons, including that anti-virus by design always has enormous access to data on a host machine.

Manfra said that 94 percent of agencies have responded to the DHS directive to remove Kaspersky from federal systems which, she clarified, does apply to federal contractors. The next phases of the plan are to develop an action plan for removal and then to implement the plan.

The Department of Defense, which is not subject to DHS directives, issued its own order to remove Kaspersky on August 3, 2017. A search of the Pentagon’s systems confirmed they do not have Kaspersky products, DOD CIO Essye Miller testified.

You can watch the full hearing here:

Patrick Howell O'Neill

Written by Patrick Howell O'Neill

Patrick Howell O’Neill is a cybersecurity reporter for CyberScoop based in San Francisco.

Latest Podcasts