WASHINGTON (Reuters) – About 15 percent of U.S. federal agencies have reported some trace of Moscow-based Kaspersky Lab software on their systems, a Department of Homeland Security (DHS) official told Congress on Tuesday.
Jeanette Manfra, assistant secretary for cyber security at DHS, told a U.S. House of Representatives panel that 94 percent of agencies had responded to a directive ordering them to survey their networks to identify any use of Kaspersky Lab products.
The administration of President Donald Trump ordered civilian U.S. agencies in September to remove Kaspersky Lab from their networks, amid worries the Moscow-based cyber security firm was vulnerable to Kremlin influence and that using its anti-virus software could jeopardize national security.
The decision represented a sharp response to what U.S. intelligence agencies have described as a national security threat posed by Russia in cyberspace, following an election year marred by allegations that Moscow weaponized the internet in an attempt to influence its outcome.
Kaspersky Lab has repeatedly denied the allegations, and Moscow has denied that it sought to interfere in the 2016 presidential election.
The September DHS order required civilian agencies to identify any use of Kaspersky Lab products within 30 days and to discontinue their use within 90 days.
Ninety-six of 102 federal agencies have reported to DHS on whether they have found the antivirus firm’s software on their networks, Manfra told the oversight subcommittee of the U.S. House of Representatives’ Science, Space and Technology Committee.
DHS is working with the remaining six “very small” agencies to assess their networks, Manfra said.
Kaspersky Lab provided a written response last Friday to the order banning their products from the U.S. government, Manfra said, but officials were still reviewing it.
Manfra said DHS did “not currently have conclusive evidence” that any networks had been breached due to their use of Kaspersky Lab software.
The company’s products generally appeared to make its way onto U.S. government systems through larger technology purchases that included Kaspersky Lab products as pre-bundled software, making it more difficult to track, according to Manfra and other officials who were testifying on Tuesday.
Eugene Kaspersky, the chief executive of his namesake company, told Reuters in an interview last month he expected a “single-digit” drop in U.S. sales this year as a result of suspicions about his company’s ties to the Russian government.
Editing by Bernadette Baum