DHS, Kaspersky Resume Court Battle Over Government Ban

Eugene Kaspersky, Russian antivirus programs developer and chief executive of Russia's Kaspersky Lab, poses for a photo on a balcony at his company's headquarters in Moscow, Russia, Saturday, July 1, 2017.

Eugene Kaspersky, Russian antivirus programs developer and chief executive of Russia's Kaspersky Lab, poses for a photo on a balcony at his company's headquarters in Moscow, Russia, Saturday, July 1, 2017. Pavel Golovkin/AP

The department opposed a Kaspersky motion to overturn the governmentwide ban on its anti-virus.

It would be pointless for a court to halt and reverse a governmentwide ban on the Kaspersky anti-virus, because no federal agency is likely to add the Russian software back on its computer systems, government officials said in legal filings Tuesday.

The Homeland Security Department ordered the Kaspersky ban in September of last year. Congress also required Kaspersky to be scrubbed from government systems in legislation that will take effect in October of this year.

Kaspersky sued over that Homeland Security ban in December and asked a federal court to immediately halt it in January, but it’s scarcely conceivable that an agency chief information officer or acquisition lead would choose to buy or re-install Kaspersky in the short period before the congressional ban takes effect, officials said in legal filings.

That’s without even considering the original reasoning behind the ban—concerns that Russian intelligence agencies could exploit Kaspersky software to spy on or steal sensitive government data.

“The specific personnel and internal decision-making processes vary between agencies, but all agencies are acutely aware of the need to avoid use of IT products that increase risks to their information and information systems,” Grant Schneider, the government’s acting chief information security officer said in a statement appended to the Homeland Security motion opposing Kaspersky’s request.  

More specifically, the Homeland Security motion argues, there’s no legal basis for Kaspersky to seek a reversal if reversing the ban wouldn’t actually change anything.

“Nothing of any practical value would come from a favorable ruling here,” the memo states.

Kaspersky has not taken legal action so far against the congressional ban, which was included in an annual defense policy bill.

Kaspersky’s broader argument is that Homeland Security violated its constitutional rights by effectively imposing the ban before the company had a chance to defend itself and then carrying through with it despite the company’s efforts to clear its name.

Homeland Security argues, conversely, that “Kaspersky’s own account shows that DHS went above and beyond what is procedurally required, including providing the company adequate opportunity to review the agency’s grounds [for its decision] and submit information in opposition before DHS made a final decision.”

The law that authorizes the Kaspersky ban—the Federal Information Security Management Act—also cannot be legally challenged under Administrative Procedures Act, as Kaspersky has done, the government argued.

Kaspersky has consistently denied collaborating with Russian intelligence agencies.

The government has not provided direct evidence of such collusion but has cited Russian data laws that it says would make it difficult for Kaspersky to withstand Russian government pressure to cooperate. Kaspersky argues that the U.S. misinterpreted those laws.

The Russian government, or any other cyber actor, might also try to exploit digital vulnerabilities in Kaspersky anti-virus—or any other anti-virus—to use it as a spying tool.

Anti-virus is an especially powerful form of software with broad authority to browse through a computer’s files and to quarantine or remove files that might be infected with malware. That would make it an excellent spying tool.

“The prospect that Kaspersky would be willing to facilitate a Russian cyberattack is not the only concern,” Homeland Security argued in Tuesday’s filing, adding that “Russia has the tools to use Kaspersky software as a platform for espionage whether or not the company is willing to cooperate.”