Kaspersky loses Court of Appeals battle to reverse US government ban

The court maintains the threat of the Russian-based antimalware company is real

After a lengthy battle with the US government spanning over a year, Kaspersky Lab has lost its battle at the Washington DC Court of Appeals over the government's decision to ban its software from all federal government computers.

The court upheld the initial ruling made by a district court forbidding Kaspersky to bring a lawsuit against the US government following its "unconstitutional" claims which "relied on subjective, non-technical public sources such as uncorroborated and often anonymously sourced media reports, related claims and rumours", Kaspersky said in 2017.

The judges who upheld the district court's decision cited Congress's right to block the purchase of software provided by a specific vendor providing there is a genuine security risk associated with it.

"With or without Kaspersky's willing cooperation, explained the experts, the Russian government could use Kaspersky products as a backdoor into federal information systems," the court stated. "Then, having gained privileged and undetected access, Russia could make all manner of mischief."

Kaspersky's main argument centred around the punitive nature of the ban, claiming that the court's decision was less about protecting the government's safety, but punishing a firm with alleged ties with Russia's FSB.

Advertisement
Advertisement - Article continues below

"Since the company's inception over 21 years ago, it has always abided by the highest ethical business practices, and through our recently launched Global Transparency Initiative, Kaspersky Lab is exemplifying its ongoing commitment to assuring the integrity and trustworthiness of its products. Kaspersky Lab reaffirms that it has never, nor will ever, engage in cyber offensive activities, and the Court's decision does not conclude otherwise," the company said in a follow-up statement.

The order to ban Kaspersky from US government computers was originally made in 2017 by the Department of Homeland Security. All government departments and agencies were to develop plans to discontinue present and future use of Kaspersky's software from their computers within 90 days of the directive being issued.

"This action is based on the information security risks presented by the use of Kaspersky products on federal information systems," said the DHS in a statement. "Kaspersky anti-virus products and solutions provide broad access to files and elevated privileges on the computers on which the software is installed, which can be exploited by malicious cyber actors to compromise those information systems.

"The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks."

The ban wasn't just an explosive response to Russia's influence on the 2016 presidential election, back in 2014 the anti-malware software company was accused of providing a backdoor into federal departments' systems after a top-secret exploit code was stolen in an NSA leak.

The software is also used by Russia's FSB and allegations were immediately pointed at them but Kaspersky refuted these claims, citing pirated Microsoft Office software installed by an employee as the cause.

The keygen used to create a counterfeit Office key was, in fact, a trojan which dropped a backdoor in the system; Kaspersky was turned off in order to illegally install the software thus allowing the FSB to access the system via the backdoor.

Most recently, the EU published a cyber security report in June 2018, calling for a comprehensive review of all IT software and equipment used by all member states in an attempt to stop "an unprecedented threat" of "politically motivated, state-sponsored cyber attacks". It labelled Kaspersky as software that had "been confirmed as malicious".

Earlier on in the year, Kaspersky attempted to make amends and rebuild a strong reputation for themselves, increasing the reward for its bug bounty program to $100,000 per critical vulnerability found in its own systems. Despite this peace offering, the EU remained unconvinced and labelled the Moscow-based company's software as 'malicious' anyway later in the year.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019
Visit/endpoint-security/33558/kaspersky-endpoint-security-for-business-advanced-review-on-prem-security
endpoint security

Kaspersky Endpoint Security for Business Advanced review

1 May 2019
Visit/security/32977/kaspersky-internet-security-2019-review-unbeatable-value
Security

Kaspersky Internet Security 2019 review: Unbeatable value

12 Feb 2019

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/business/business-strategy/354252/huawei-takes-the-us-trade-sanctions-into-its-own-hands
Business strategy

Huawei takes the US trade sanctions into its own hands

3 Dec 2019
Visit/mobile/mobile-phones/354273/pablo-escobars-brother-launches-budget-foldable-phone
Mobile Phones

Pablo Escobar's brother launches budget foldable phone

4 Dec 2019