By Dustin Volz
LAS VEGAS (Reuters) – A U.S. congressional panel this week asked 22 government agencies to share documents on Moscow-based cyber firm Kaspersky Lab, saying its products could be used to carry out “nefarious activities against the United States,” according to letters seen by Reuters.
The requests made on Thursday by the U.S. House of Representatives Committee on Science, Space and Technology are the latest blow to the antivirus company, which has been countering accusations by U.S. officials that it may be vulnerable to Russian government influence.
The committee asked the agencies for all documents and communications about Kaspersky Lab products dating back to Jan. 1, 2013, including any internal risk assessments. It also requested lists of any systems that use Kaspersky products and the names of any U.S. government contractors or subcontractors that do so.
Kaspersky has repeatedly denied that it has ties to any government and said it would not help any government with cyber espionage. It said there is no evidence for the accusations made by U.S. officials.
The committee “is concerned that Kaspersky Lab is susceptible to manipulation by the Russian government, and that its products could be used as a tool for espionage, sabotage, or other nefarious activities against the United States,” wrote the panel’s Republican chairman, Lamar Smith, in the letters.
They were sent to all Cabinet-level agencies, including the Department of Commerce and Department of Homeland Security, as well as the Environmental Protection Agency and the National Aeronautics and Space Administration, among others.
A committee aide told Reuters the survey was a “first step” designed to canvas the U.S. government and that more action may follow depending on the results. The committee asked for responses by Aug. 11.
Kaspersky Lab, founded in 1997 and now counts over 400 million global customers, has tried largely in vain to become a vendor to the U.S. government, one of the world’s biggest buyers of cyber tools.
Longstanding suspicions about the company grew in the United States when U.S.-Russia relations deteriorated following Russia’s 2014 annexation of Crimea and later when U.S. intelligence agencies determined that Russia interfered in the 2016 U.S. presidential election using cyber means.
Congress this week slapped new sanctions on Russia, in part in response to the allegations, which Moscow flatly denies. Moscow retaliated by ordering out some U.S. diplomats.
U.S. intelligence chiefs in May publicly expressed doubt about the safety of Kaspersky products for the first time, although they offered no specific evidence of any wrongdoing. The government is reviewing how many agencies use software from Kaspersky Lab.
In June, FBI agents visited the homes of Kaspersky employees as part of a counterintelligence probe, two sources familiar with the matter said. The Trump administration also took steps to remove Kaspersky from a list of approved government vendors.
A defense spending policy bill advancing in the U.S. Senate would prohibit the Department of Defense from using Kaspersky products.
Kaspersky employees attending the annual Black Hat conference in Las Vegas this week appeared to be largely taking the setbacks in stride. The company cheekily hosted a party at the “Red Square” restaurant and bar, where it invited attendees to don fur coats before entering a vodka freezer to enjoy high-end imported bottles of alcohol.
On Tuesday, the company launched a free, global version of its antivirus software, saying in a blog post that it would help “secure the whole world.”
(Reporting by Dustin Volz; Editing by Jonathan Weber and Grant McCool)