The US government will not share which federal computer systems were using an antivirus software recently reported to have been exploited by Russian military intelligence to steal secrets from the National Security Agency, a spokesman told BuzzFeed News on Friday.
The Department of Homeland Security announced Sept. 13 that it was banning federal computers from using products made by Kaspersky Lab, an industry leading Russian cybersecurity company whose antivirus products in recent months have been the target of heavy criticism from lawmakers and openly disparaged by top US intelligence officials.
According to the DHS order, all federal departments and agencies would have to identify which Kaspersky products they were using within 30 days, develop plans to stop using them within 60 days, and implement those plans within 90 days.
But DHS spokesperson Scott McConnell told BuzzFeed News that his department will not make public the results of its survey of how widespread Kaspersky's products are in use.
“The Department’s priority is to ensure the integrity and security of federal information systems,” McConnell said. “We do not disclose information about the specific systems or products used at individual agencies because this information could be used by adversaries seeking to exploit information in these systems.”
McConnell's comments came on the day the agency's previously declared deadline passed for federal agencies to report their use of Kaspersky software.
Kaspersky has long employed former Russian intelligence agents, and its founder, Eugene Kaspersky, was himself trained at a school run by the KGB, the Soviet era spy agency succeeded by the modern FSB, a Russian intelligence and law enforcement agency.
But Kaspersky' has repeatedly denied that his company works with the Russian government or has intentionally been involved with illegal hacking.
When DHS first announced the ban, it wasn’t clear exactly what prompted that level such government distrust. But according to a series of subsequent reports from the Wall Street Journal, Washington Post, and New York Times, US intelligence officials learned, after being alerted by Israeli intelligence, that Russian intelligence was able to steal top-secret National Security Agency tools because an NSA employee who took those tools home used Kaspersky antivirus on his home computer.
“There’ve been too many dots connected with them and the Russians – Russian intelligence, Russian government, every other thing,” Sen. Joe Manchin of West Virginia, a member of the Senate Intelligence Committee and longstanding critic of government use of Kaspersky software, told BuzzFeed News last week. “Why would we put ourselves in position to be that vulnerable, with so much access to pertinent information?”
BuzzFeed News has filed a Freedom of Information Act request with DHS for which agencies use Kaspersky software.
Kevin Collier is a cybersecurity correspondent for BuzzFeed News and is based in New York.
Contact Kevin Collier at firstname.lastname@example.org.
Got a confidential tip? Submit it here.