Trump Administration Finds Kaspersky Products in About One-Sixth of All US Agencies – Cleanup Begins
Trump administration put a ban on the use of Kaspersky Lab products in the government agencies in September. Following this ban that was a result of the US government suspecting the antivirus firm's products being used by Russia to spy on targets in the United States, a review was carried out by the Department of Homeland Security (DHS). In a statement to Congress earlier today, DHS has said that about one-sixth of all government agencies have detected some trace of Kaspersky Lab’s software on their systems.
Jeanette Manfra, assistant secretary for cyber security and communications at DHS, told Congress that all but six of the government's 102 agencies have submitted reports to DHS about removing Kaspersky products. Manfra added that the Department has no "conclusive evidence" at the moment that suggests that any of those networks were breached as a result of their use of Kaspersky software.
"Out of all the federal agencies, a small number have identified use of Kaspersky... about 15% of agencies that have reported. We’re working with each agency individually."
Since the ban, Kaspersky, a Moscow based cybersecurity firm, has repeatedly denied having any ties to any government. However, a report published last month revealed that firm might have become an unwitting target of the intelligence agencies as Israeli intelligence officials informed their US counterparts about Russian spies hacking into Kaspersky to secretly scan computers around the world for classified US government documents. Another report had added that Kaspersky had actually uploaded code of a malware designed by the NSA from a contractor's computer during a routine analysis and never informed the US government of the incident.
While the Trump administration hasn't confirmed or responded to any of these reports, they have certainly added into the US government's rhetoric of Kaspersky working with the Russians - willingly or not. Following these reports, Kaspersky Lab had suggested last month that it would submit the source code of its software to the US government and independent parties next year. Reuters reports that DHS has said such a step, while welcomed, would “not be sufficient” to address concerns.
The federal agencies have until December 12 to remove all the Kaspersky Lab products. Manfra said that "some of them have chosen to go ahead and remove the products ahead of schedule."