The U.S. government’s decision to ban Kaspersky Lab products from the federal government removes less than $54,000 worth of direct business, according to court filings and information provided to CyberScoop by the Russian anti-virus maker.
The figure, referenced in newly filed court documents and further confirmed by CyberScoop, provides new, albeit limited, financial insight into Kaspersky Lab’s reach into the U.S. government prior to being banned.
Company founder Eugene Kaspersky told CyberScoop that the “less than $54,000” amount is “correct” and represents “a current figure.” He did not say if the amount included money from third party resellers who in turn sell Kaspersky Lab software to the government.
“As previously stated, Kaspersky Lab, in total, has identified active licenses held by U.S. federal agencies with a total value (to Kaspersky Lab) of less than USD $54,000,” a statement by Kaspersky Lab sent to CyberScoop this week reads.
A federal spending database, USASpending.gov, places Kaspersky’s business a bit higher than $54,000. The database shows approximately $157,000 in prime contracts between Kaspersky Lab and the government for fiscal year 2016 and 2017.
When asked to verify the amount, the Department of Homeland Security referred CyberScoop to the Justice Department. The Justice Department declined to comment.
Kaspersky Lab did not respond to other, more specific questions regarding the precise value of these active licenses.
Kaspersky’s business with the U.S. government wildly pales in comparison to competitors like FireEye and Symantec. According to USASpending.gov, FireEye earned approximately $51 million in prime contracts in FY2016 and FY2017. Symantec earned approximately $117 million in prime contracts over the same time frame.
The Russian company announced Tuesday it had filed a challenge against the Department of Homeland Security’s Binding Operational Directive (BOD), which forced agencies to find and uninstall the company’s software from their systems within 90 days.
The appeal by Kaspersky Lab centers on claims that DHS did not follow due process or provide sufficient evidence to substantiate assertions that the company acts as an espionage tool for Russian intelligence.
Notably, the controversial BOD exempted two Kaspersky Lab products: a subscription-based intelligence portal and workforce training tool. U.S. officials say the BOD is largely focused on the company’s anti-virus engine.
Citing unnamed current and former U.S. intelligence officials, multiple news outlets, including CyberScoop, reported in recent months about Kaspersky Lab’s relationship to Russian intelligence services. The Kremlin, according to multiple media reports, has leveraged the Russian software giant’s platform in order to spy on certain users.
More recently, the National Defense Authorization Act (NDAA) was passed into law, which also contained language banning the use of any Kaspersky Lab products in the military, further pushing the company out of government institutions. The NDAA did not except any products or services sold by Kaspersky Lab. The lawsuit by Kaspersky Lab does not mention the NDAA or its adverse effects.
While casual rumors of Kaspersky Lab’s allegiances to the Kremlin had circulated across Washington for years, it was not until lawmakers in congress began to apply pressure in early 2017 that the broader federal government began to take visible action in the form of new regulation.
Over the last several months, Mr. Kaspersky has argued that the recent rise in “bad press” is a result of Kaspersky Lab’s ongoing publication of high quality cybersecurity research, which in some cases outed ongoing U.S.-led cyber espionage operations.
In late November, for example, Mr. Kaspersky told a small audience of reporters in London that Kaspersky Lab’s unveiling of three specific hacker groups, The Lamberts, Equation Group and Project Sauron, had angered the U.S.
Security researchers say a connection likely exists between the CIA and so-called Lamberts as well as between the NSA and Equation Group.