Kaspersky Lab has filed a lawsuit against the Trump administration after its anti-virus software was banned in civilian agencies. The appeal asks a US federal court to repeal the ban, arguing that it violates its right to due process and is therefore unconstitutional.
The Department of Homeland Security issued a directive in September, giving 90 days to remove the products. The concern surrounded the companies use of its software to perform Russian espionage.
However, Kaspersky says these accusations are baseless.
“DHS failed to provide Kaspersky Lab with adequate due process and relied primarily on subjective, non-technical public sources like uncorroborated and often anonymously sourced media reports and rumors in issuing and finalizing the Directive,” said CEO Eugene Kaspersky in an open letter. “DHS has harmed Kaspersky Lab's reputation and its commercial operations without any evidence of wrongdoing by the company. Therefore, it is in Kaspersky Lab's interest to defend itself in this matter.”
An Innocent Mistake?
A July report, which came from Bloomberg, was based on a series of emails which tied the firm to Russian intelligence. It alleged a number of projects for the FSB, including anti-DDoS systems.
A further report came from The Wall Street Journal in early October. According to the publication, hackers used Kaspersky to steal files from an NSA contractors home computer, and Kaspersky also copied the files.
However, Kasperky Lab held that it did not obtain the material intentionally. A 13-page report explains that the files were automatically downloaded by Kaspersky because they contained malicious code. The code, according to the firm, had roots in the Equation Group, who are NSA-linked hackers. Kaspersky deleted the files, other than malicious binaries used to improve detection.
Shortly afterward, the company offered to submit it source code and updates for inspection, but U.S. officials said it wasn't enough. The DHS is yet to respond to requests for comment on the lawsuit.
In the meantime, Eugene Kaspersky says the firm “remains committed to continuing its mission and business of protecting customers in the United States and around the world from cyber threats.”
It made good on that promise the very same day. Its researchers revealed Loapi, an Android trojan that can mine cryptocurrency and physically damage phones. We suspect its lawsuit will take a little longer to resolve.