Security Experts:

Kaspersky Files New Lawsuit Over U.S. Government Software Ban

Kaspersky Lab has filed a new lawsuit over the U.S. government’s decision to ban its products in federal agencies, this time challenging the National Defense Authorization Act (NDAA).

The NDAA for Fiscal Year 2018 was signed by President Donald Trump in mid-December and it reinforced the binding operational directive (BOD) issued by the Department of Homeland Security (DHS) in September, which ordered government agencies to stop using products from Kaspersky due to concerns regarding its ties to Russian intelligence.

Kaspersky filed a lawsuit to appeal the BOD on December 18, a few days after President Trump signed the NDAA. Last month, the security firm filed an injunction in an effort to expedite the appeal.

The government filed a response to the injunction earlier this month and Kaspersky responded this week with a new lawsuit that challenges the NDAA as a bill of attainder.

A bill of attainder is a legislative act that singles out an individual or group for punishment without a trial. Legislative bills of attainder are banned by the U.S. constitution.

“Kaspersky Lab has filed an action challenging the constitutionality of Section 1634 (a) and (b) of the National Defense Authorization Act for Fiscal Year 2018, which prohibits any federal entity from using the company’s hardware, software or services. Kaspersky Lab believes that these provisions violate the U.S. Constitution by specifically and unfairly singling out the company for legislative punishment, based on vague and unsubstantiated allegations without any basis in fact,” Kaspersky Lab stated.

“No evidence has been presented of any wrongdoing by the company, or of any misuse of its products. Kaspersky Lab is proven to be one of the world’s leading IT security companies, with a track record of uncovering malicious code and threat actors regardless of their origin or purpose,” the company added.

Kaspersky has attempted to clear its name by launching a new transparency initiative that involves giving partners access to source code and paying significantly larger bug bounties for vulnerabilities found in the firm’s products.

It has also attempted to provide a logical explanation over accusations that its software had been exploited by Russian hackers to steal data belonging to the U.S. National Security Agency (NSA) from a contractor’s device.

Related: How Antivirus Software Can be the Perfect Spying Tool

Related: WikiLeaks Says CIA Impersonated Kaspersky Lab

view counter
Eduard Kovacs is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.