After the U.S. Department of Homeland Security (DHS) issued a binding operational directive ordering government departments and agencies to stop using products from Russia-based Kaspersky Lab, the security firm’s CEO has been invited to testify before Congress.
Eugene Kaspersky, Kaspersky Lab’s chairman and CEO, posted on Twitter a screenshot of the invitation he received from the U.S. House of Representatives’ Oversight Subcommittee of the Committee on Science, Space, and Technology.
While the CEO has accepted the invitation to testify, the hearing has been scheduled for September 27, which might not give him enough time to obtain a U.S. visa.
“Hope to get expedited visa,” Kaspersky said on Twitter. “As of today it takes ~2 months to get one.”
In the letter sent to Kaspersky, the government said the purpose of the hearing is to “conduct oversight of the cybersecurity posture of the federal government, and examine the extent to which the federal government utilizes your company’s products.” The hearing will also review the implementation by federal agencies of the recent Executive Order on strengthening the cybersecurity of federal networks and critical infrastructure, and the NIST cybersecurity framework.
There have been numerous media reports in the past months about Kaspersky’s alleged ties to Russian intelligence, which has raised concerns among officials, ultimately leading to the U.S. General Services Administration removing Kaspersky Lab from its list of approved vendors, and the DHS ordering government agencies to establish and implement a plan for the replacement of such products in the next 90 days.
In addition to Kaspersky Lab’s alleged ties to Russian intelligence, the DHS’s binding operational directive also references Russian laws that allegedly allow the country’s intelligence agencies to request or compel assistance from Kaspersky. However, the company pointed out that these laws only apply to ISPs and other telecoms services providers.
The announcement made by the DHS this week said Kaspersky will be given the opportunity to submit a written response to address or mitigate concerns, which the security firm welcomed.
In many cases, Kaspersky provided point-by-point responses to the allegations included in media articles regarding the company’s ties to the Russian government, but those arguments have not had any effect on the decisions and proposals made by U.S. officials. On the other hand, many members of the cybersecurity industry pointed out that no evidence has been provided to prove the antivirus company’s alleged inappropriate connections.
“I’ve repeatedly offered to meet with government officials, testify before the U.S. Congress, provide the company’s source code for an official audit and discuss any other means to help address any questions the U.S. government has about Kaspersky Lab – whatever it takes, I will do it. And I look forward to working with any agency or government officials that are interested,” Kaspersky said in a piece published by Forbes.
“So what exactly is going on? Well, it looks to me like the reason for being shunned (despite our many offers to assist) can only be one thing: geopolitical turbulence,” Kaspersky explained. “As I’ve said before, it’s not popular to be Russian right now in some countries, but we cannot change our roots, and frankly, having these roots do not make us guilty.”
Kaspersky Lab recently announced plans to open three new regional offices in North America next year — one in Canada and two in the U.S.