The House Science, Space and Technology Committee is asking federal agencies across most of the government to turn over information about computer systems that use a controversial Russian anti-virus software.
The letter from Chairman Lamar Smith, R-Texas, asks federal department and agency leaders for lists of computers or systems that use Kaspersky Lab anti-virus, agency contractors that use Kaspersky products, and documentation about the products’ implementation.
Smith sent the letter to 19 departments and agencies and to the secretaries of the Army, Navy and Air Force.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
“The Committee is concerned that Kaspersky Lab is susceptible to manipulation by the Russian government, and that its products could be used as a tool for espionage, sabotage, or other nefarious activities against the United States,” the letter states.
The letter is the latest blow for the Moscow-based cybersecurity company, which intelligence, law enforcement and cybersecurity officials have suggested is too close to the Russian government.
Earlier this month, the General Services Administration removed Kaspersky products from governmentwide contract vehicles, making it significantly more difficult for agencies to ink new contracts that include the Russian anti-virus.
A provision in the Senate version of a major defense policy bill would bar the Pentagon from using Kaspersky on any military systems.
The company and founder Eugene Kaspersky have consistently denied any compromising ties with the Russian government. Eugene Kaspersky argued in a late June blog post that his company was being unfairly maligned because of broader geopolitical tensions flowing from Russian government efforts to meddle in the 2016 U.S. election.
The House committee oversees the Commerce Department’s National Institute of Standards and Technology, the government’s cyber standards agency, which gives it an interest in cybersecurity across the government.
President Donald Trump ordered agencies to implement a cybersecurity framework NIST developed for the private sector in a May executive order.