Yes, but for whom? Nearly three months ago, word leaked that the FBI had opened an investigation into Kaspersky Lab, an anti-virus firm that had significant market penetration in the US — including in government systems. NBC noted at the time that US intelligence officials had been warning about connections between Kaspersky and the Vladimir Putin government in Moscow, although there were also some reasons to think that the relationship might be more adversarial than friendly.
The investigation has prompted the Trump administration to order government offices to purge Kaspersky Lab software from all systems, a move announced yesterday:
In a binding directive, acting homeland security secretary Elaine Duke ordered that federal civilian agencies identify Kaspersky Lab software on their networks. After 90 days, unless otherwise directed, they must remove the software, on the grounds that the company has connections to the Russian government and its software poses a security risk.
The Department of Homeland Security “is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” the department said in a statement. “The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.”
In an earlier review, the General Services Administration took Kaspersky off of the approved vendor list after finding a specific vulnerability:
The directive comes months after the federal General Services Administration, the agency in charge of government purchasing, removed Kaspersky from its list of approved vendors. In doing so, the GSA suggested a vulnerability exists with Kaspersky that could give the Kremlin backdoor access to the systems the company protects.
Perhaps the question under consideration at the FBI was prompted by that finding. Did the Russian government discover a gap in Kaspersky’s software, or did Kaspersky provide it to them? Either way, it would make sense to remove their software from government systems, and it might not be a bad policy for private-sector firms and individuals either, assuming that the GSA and FBI are correct.
A measure of whether that’s correct might have come from the Russian embassy. In a statement, they called the order “regrettable,” and one that would have a significant impact on the US-Russia relationship:
The decision by the U.S. government to stop using Kaspersky Lab products is “regrettable” and delays the prospects of a restoration of bilateral ties, the Russian embassy in the United States said. …
“These steps can only evoke regrets. They only move back the prospects of bilateral ties recovery,” the embassy said in a statement issued late on Wednesday.
That seems like a very strange connection to make with a supposedly commercial product. If the Russian government ordered a purge of Trend Micro, McAfee, or Norton from government computers, would we consider that a diplomatic issue? Perhaps a trade issue, but even that would be a stretch. No one’s barring Kaspersky from selling their software in the US; it’s just that their largest customer has decided to take their business elsewhere. Turning this into a diplomatic offense suggests that the Putin government really did have its fingers in Kaspersky, and wants to pressure Trump to allow their fingers into the US government’s systems too.