Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Kaspersky Files Injunction to Expedite Appeal Against DHS Ban

Kaspersky Lab last week filed a motion for a preliminary injunction as part of its appeal against the U.S. Department of Homeland Security’s decision to ban the company’s products in federal agencies.

Kaspersky Lab last week filed a motion for a preliminary injunction as part of its appeal against the U.S. Department of Homeland Security’s decision to ban the company’s products in federal agencies.

Kaspersky’s appeal targets the DHS’s Binding Operational Directive (BOD) 17-01, which the agency issued in September in response to concerns that the company may be aiding Russia’s espionage efforts. President Donald Trump reinforced the ban in mid-December with the National Defense Authorization Act for FY2018.

The security firm filed a lawsuit against the U.S. government shortly after the president signed the bill, arguing that the ban is unconstitutional as it infringes the company’s due process rights. Kaspersky believes the DHS should have given it the opportunity to view the information obtained by the agency before the directive was issued.

“[Kaspersky] has made this filing in hopes that the court will address and resolve the appeal expeditiously in light of the BOD’s damage to the company,” Kaspersky told SecurityWeek.

“The company asserts that the DHS decision is unconstitutional and relied on subjective, non-technical public sources, such as uncorroborated and often anonymously sourced media reports, related claims, and rumors. Furthermore, DHS has failed to provide the company adequate due process to rebut the unsubstantiated allegations underlying the BOD and has not provided any evidence of wrongdoing by the company,” it added.

When it announced the lawsuit, Kaspersky said it had voluntarily reached out to the DHS in July and offered to assist with any investigation into the company and its products. While the agency seemed to appreciate the offer, it did not follow-up and instead issued the controversial directive without warning.

The security firm said that while only a relatively small percentage of its revenue comes from the U.S. government, the DHS’s actions have had a negative impact on sales in other sectors, in both the United States and other countries.

The accusations against Kaspersky Lab stem from the connection between Eugene Kaspersky, the company’s founder and CEO, and Russian intelligence.

“Dissuading consumers and businesses in the United States and abroad from using Kaspersky Lab products solely because of its geographic origins and without any credible evidence does not constitute a risk-based approach to cybersecurity and does little to address information security concerns related to government networks,” Mr. Kaspersky said when the appeal was filed.

Kaspersky has attempted to clear its name by launching a new transparency initiative that involves giving partners access to source code and paying significantly larger bug bounties for vulnerabilities found in the firm’s products.

It has also attempted to provide a logical explanation over accusations that its software had been exploited by Russian hackers to steal data belonging to the U.S. National Security Agency (NSA) from a contractor’s device.

Related: How Antivirus Software Can be the Perfect Spying Tool

Related: WikiLeaks Says CIA Impersonated Kaspersky Lab

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...