Kaspersky Antivirus Banned From Use On US Federal Networks

President Trump signed into law a bill that bans Kaspersky Antivirus, as well as any other software made by Kaspersky Lab, from use in U.S. federal departments, agencies, or organizations. The law applies to any company that is controlled by Kaspersky in any way or in which it has majority ownership.

U.S. Government Bans Kaspersky

Earlier this year, a Wall Street Journal report backed by unnamed U.S. government sources said that hackers working for the Russian government stole documents from an NSA agent. The NSA agent in question took home classified data without permission, and because she was running the Kaspersky antivirus, the report alleged that this is how Kaspersky was able to identify the NSA documents.

Kaspersky has admitted that it identified the NSA files, but as soon as it did, the company deleted the documents its antivirus was able to capture for malware analysis. The antivirus firm also offered to allow independent parties to review its software code.

This response doesn’t seem to have convinced many in Washington, because after the report, Congress scrambled to pass a bill that would ban the antivirus from federal agencies’ networks. The ban on Kaspersky’s software was eventually written into the National Defense Authorization Act. The bill will go into effect from the start of 2018.

How It All Started

The whole situation seems to have started when an NSA agent, called Reality Winner, who seems to have been a source for some of The Intercept’s national security stories, took home some classified NSA documents. Kaspersky said that it encountered the documents by mistake, as the files were automatically uploaded to its cloud when the antivirus was scanning Winner’s computer.

This is one issue with cloud-based antivirus software: you have to have a high degree of trust in this type of security software when you’re allowing it to analyze every file you have on your computer and then to upload them to the vendor’s servers. Even Microsoft’s Windows Defender has a cloud component that is enabled by default these days.

The other side of the issue is that if Kaspersky wanted to look clean, and not look like it stole the files or helped the Russian government do that, it probably should have alerted the U.S. government about this incident itself.

It’s hard to imagine that wouldn’t have made the U.S. government believe its side of the story more, if the company was the one telling the government about the classified data being leaked by a potential rogue agent. In fact, with Kaspersky protecting multiple U.S. federal networks already, one could argue that was already part of its job.

However, Kaspersky didn’t do that, which makes everyone question the company’s motives and become more inclined to believe the accusations that it was somehow aiding the Russian government in stealing those files.

Dealing With The Aftermath

Regardless of whether or not Kaspersky had any role in Russian hackers obtaining the classified information, it looks like the U.S. government has already made up its mind about the company, which should impact both Kaspersky’s bottom line and its reputation as a trustworthy security solution vendor. The company is now likely going to need to work extra hard to gain its customers' trust again.

Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.
  • coolitic
    This is funny, because the CIA was found to be posing as Kaspersky on several occasions.
  • raycrayz
    The US Government would also benefit if it gave its employees basic IT training.

    And what kind of Government IT department lets an NSA agent install just any random anti-virus check on a government machine?

    Am I asking difficult questions?

    It shouldn't require Federal legislation to get the NSA IT department to do its job properly.
    Any respectable Government IT dept wouldn't have used Kaspersky in the first place if it's uploading documents. If they did, then it's not an IT department, more like a group of clowns.

    If there's any positive news in this, it's that Trump took this personally, because Trump did as Trump does and blamed the party that's not-at-fault.
  • Math Geek
    20479976 said:
    And what kind of Government IT department lets an NSA agent install just any random anti-virus check on a government machine?

    The AV was installed on the home pc of the agent and not a gov owned pc. Read it again and you'll see that you missed the first piece of the article!!

    "The NSA agent in question took home classified data without permission, and because she was running the Kaspersky antivirus, the report alleged that this is how Kaspersky was able to identify the NSA documents"
  • therealduckofdeath
    ....and people called me mad when I called Kaspersky out ten years ago for being one giant malware installer. :)
  • mrmez
    "...documents its antivirus was able to capture for malware analysis."

    I haven't had a virus scanner for close to a decade, but this kinda freaks me out, esp since now that it's mentioned it seems obvious, but I've never thought of it before.
  • William_X89
    Somebody named "Reality Winner" should not be working at the NSA, or any government agency for that matter.
  • plateLunch
    The price of Kaspersky antivirus has been going down, down, down at Fry's Electronics since the story broke. Last ad I saw, they were giving it away free with a promo code.
  • Zaporro
    LOL US bans Kaspersky for finding NSA exploits - doing exactly what antivirus is meant to do. When you think things couldn't get more ridiculous.
  • therealduckofdeath
    The brainwashed reverse (upside-down) logic of Russians is hilarious.
  • H4rdware
    The funny thing is that the market-dominant OS is more than likely one of the top, if not THE top, intelligence gathering resource on the planet.