DHS directs government agencies to scrub systems for Russian company's software

U.S. officials have expressed growing concern about Kaspersky Lab.

This is one of the U.S. government’s most significant steps yet amid concerns that the Kremlin could try to use Kaspersky Lab software – embedded in homes, businesses and government systems across the United States – to spy on Americans, steal sensitive files or attack critical infrastructure.

"After careful consideration of available information and consultation with interagency partners, Acting Secretary of Homeland Security Elaine Duke today issued a Binding Operational Directive (BOD) directing Federal Executive Branch departments and agencies to ... identify any use or presence of Kaspersky products on their information systems in the next 30 days, to develop detailed plans to remove and discontinue present and future use of the products in the next 60 days, and at 90 days from the date of this directive, unless directed otherwise by DHS based on new information, to begin to implement the agency plans to discontinue use and remove the products from information systems," DHS said in a press release today.

Kaspersky Lab responded in a statement today, saying, "Given that Kaspersky Lab doesn't have inappropriate ties with any government, the company is disappointed with the decision by the U.S. Department of Homeland Security (DHS), but also is grateful for the opportunity to provide additional information to the agency in order to confirm that these allegations are completely unfounded. No credible evidence has been presented publicly by anyone or any organization as the accusations are based on false allegations and inaccurate assumptions."

Read the full statement here.

"While our intelligence agencies may not use Kaspersky software, other federal agencies do ... [and] it is alarming that essential U.S. government agencies do," Klobuchar wrote. "This is especially concerning because the Russian government is actively trying to undermine our democracy."

In particular, Klobuchar wants to know whether DHS uses Kaspersky Lab software on any critical infrastructure, whether DHS has reached out to state agencies about their use of such software, and whether DHS is working to ensure that any software on election-related systems is safe to use.

Kobuchar cited ABC News’ exclusive reporting that DHS issued a secret memorandum about Kaspersky Lab in February.

Two months ago, the Trump administration decided to remove Kaspersky Lab from the U.S. government's list of companies whose products are approved for use on federal systems.

U.S. officials have yet to publicly present any evidence indicating concerning links between Kaspersky Lab employees and elements of the Russian government.

But Shaheen, a key member of the Senate Armed Services Committee, said assessments underlying U.S. officials' concerns are classified, and "it is unacceptable to ignore questions about Kaspersky Lab because the answers are shielded in classified materials."

Kaspersky Lab CEO Eugene Kaspersky has called U.S. government efforts "extreme."

"Kaspersky Lab is facing one of the most serious challenges to its business yet, given that members of the U.S. government wrongly believe the company or I or both are somehow tied to the Russian government," he recently wrote on his blog. "Basically, it seems that because I'm a self-made entrepreneur who, due to my age and nationality, inevitably was educated during the Soviet era in Russia, they mistakenly conclude my company and I must be bosom buddies with the Russian intelligence agencies ... Yes, it is that absurdly ridiculous."

"Kaspersky Lab believes it is completely unacceptable that the company is being unjustly accused without any hard evidence to back up these false allegations," the company said in a statement today. "Kaspersky Lab, a private company, seems to be caught in the middle of a geopolitical fight where each side is attempting to use the company as a pawn in their political game."

In its statement today, DHS said it is "providing an opportunity for Kaspersky to submit a written response addressing the department’s concerns or to mitigate those concerns. ... The department wants to ensure that the company has a full opportunity to inform the Acting Secretary of any evidence, materials, or data that may be relevant."