Kaspersky announced that it launched a lawsuit against the Trump administration arguing that the U.S. government’s ban of its software lacked due process and evidence of harm.
Kaspersky's Ban On U.S. Federal Networks
This September, the Department of Homeland Security (DHS), issued a directive to civil agencies to stop using Kaspersky software within 90 days after concerns that the antivirus may help the Russian government in infiltrating U.S. networks and stealing sensitive information.
The government previously accused Kaspersky of stealing classified information from a national security whistleblower called Reality Winner. Kaspersky admitted that it got the documents in a routine scan of Winner’s personal computer, but it said it immediately deleted those files once it learned what they were. It also offered to allow independent parties to review its antivirus’ source code, but the government didn’t think that was sufficient.
Last week, the new National Defense Authorization Act of 2018 included a clause that would ban any Kaspersky or Kaspersky-associated software from being used in the U.S. federal government. Guilty or not, this seems to have left Kaspersky no choice but to sue the U.S. government in order to save its reputation (and revenue).
Kaspersky’s Open Letter
Along with the lawsuit, Kaspersky also wrote an open letter to the U.S. government. The company argued that it has not been given the opportunity to defend itself properly before its technology was banned from use on federal networks. This has harmed its reputation and revenue, and Kaspersky believes that such actions violated the U.S. Constitution, more specifically the right to due process.
The company said that the U.S. government relied mainly upon uncorroborated media reports, not evidence, to support its conclusion that the Kaspersky antivirus is a security risk for U.S. federal networks.
Kaspersky also noted that although the revenue it obtained from licensing its software to U.S. federal agencies was only a small percentage of its revenue, the ban on its software had a disproportionate negative effect both in the U.S. as well as globally.
Kaspersky is now suing the U.S. government to try and repair that damage to its sales as well as its reputation (presuming the U.S. court will find Kaspersky innocent).
The government could very well be the instigator here, embedding things in their files to see where they end up.
The user in this case, Reality Winner, took documents from her work facility, which she wasn't supposed to do. This doesn't exactly strike me as the behavior of the most stellar computer user or employee. It isn't as though Kaspersky breached any sort of high security measures to acquire the documents. The initial breach seems to have been via sneaker net.
Finally, cloud based software solutions have to be expected to be hosted and operate, in the cloud, which means it can be anywhere in the world. Since Kaspersky Lab is headquartered in Moscow, it doesn't strike me as a far fetched idea that perhaps their cloud based servers are somewhere in say, Russia.
If you want cloud based antivirus software, but don't want it based in Russia, don't use Kaspersky. If however you choose to use Kaspersky, you don't exactly have a lot of room to complain when a document that triggers automatic sample submission ends up in Russia. I think ultimately it boils down to the poor decisions made by the NSA agent.