Do You Know if You are Running Kaspersky Anti-virus Software on Your Network?

September 27, 2018

As the 2018 government fiscal year ends, another deadline is looming for government contractors. By October 1, government contractors must have all Kaspersky Lab hardware or software removed from their networks, as required by the Fiscal Year 2018 National Defense Authorization Act (“NDAA”) passed in December 2017.

Founded in 1997, Kaspersky Labs is a global cybersecurity company founded by Eugene Kaspersky, who is perceived to have ties to Russian intelligence and the Kremlin (which the company denies). The anti-Kaspersky rhetoric grew stronger in 2017 after a National Security Agency government contractor running Kaspersky anti-virus software on their home computer was found to have a hacking tool in use.

While the Kaspersky software correctly flagged the hacking tool, it also downloaded all of the hacked and stolen classified documents that the contractor had stolen and created a new home for the documents on the Kaspersky Lab server. Kaspersky stated that when they realized what happened, they deleted the documents. In the minds of U.S. intelligence, however, the damage was done. As a result, in September 2017, the Department of Homeland Security (“DHS”) issued a formal directive outlawing the use of Kaspersky branded products on its networks.

The 2018 NDAA then took it a few steps further. Unlike the DHS directive, the NDAA ban is not limited to software bearing the Kaspersky name. The ban also applies to Kaspersky code embedded in third-party products and specifically includes hardware. Contractors can view a list (it is not known if this list is comprehensive) of all the technology partners who use Kaspersky software in their own products. The list of technology partners includes some big names like Amazon Web Services, Juniper Networks, Microsoft, Broadcom and Pareto.

Kaspersky has filed a lawsuit against the ban, but in the interim, it remains in place. Some vendors are trying to distance themselves from Kaspersky, such as Juniper who has provided instructions on their website on how to uninstall the Kaspersky code that might be contained in their software. Government contractors should conduct detailed scans of the software on their networks and what hardware is being used and take proactive steps to remove any Kaspersky affiliated software from their network and confirm they are not proposing any Kaspersky branded or affiliated software in any solicitation response.

If you have any questions or would like to discuss how the Kaspersky ban might impact your network, please reach out to a Cherry Bekaert Government Contractor Consultant representative.