The Russia connectionLawmakers request additional documents from DHS re: Kaspersky investigation

Published 8 December 2017

U.S. House Science, Space, and Technology Committee chairman Lamar Smith (R-Texas) sent a letter Tuesday to the Department of Homeland Security (DHS) requesting documents and information related to the DHS directive to all government agencies to identify and remove Kaspersky Lab software from their computer systems.

U.S. House Science, Space, and Technology Committee chairman Lamar Smith (R-Texas) sent a letterTuesday to the Department of Homeland Security (DHS) requesting documents and information related to the DHS directive to all government agencies to identify and remove Kaspersky Lab software from their computer systems.

The committee held a hearing 14 November examining the implementation of the DHS order, Binding Operational Directive (BOD) 17-01. The letter requests information regarding compliance with the directive, including what agencies have not submitted the required reports to DHS and which have identified Kaspersky software on their systems.

The letter readsin part:

As part of an ongoing review of the federal government’s cybersecurity posture, the Committee on Science, Space, and Technology is continuing our investigation into Kaspersky Lab.

Within 60 calendar days after issuance of BOD 17-01, federal government departments and agencies were required to identify the use or presence of Kaspersky software on their information systems, develop a plan of action to remove and discontinue use of Kaspersky products, and report to the Department other details on the implementation of the complete removal of Kaspersky products. These plans of action, required to be submitted to the Department, contain a number of elements critical to ensuring the elimination of the risk posed by Kaspersky products.

While it is necessary to ensure these departments and agencies are taking the appropriate steps to remove this risk, we are also interested in proactive steps and coordination among federal agencies and departments. The federal government needs to leverage all resources to ensure that Kaspersky products on federal systems have been completely removed. The Committee’s investigation is consistent with its broader goal of uncovering all risks associated with Kaspersky. This includes identifying all necessary actions needed to eliminate the risk, even beyond the risk to federal systems.

The letter can be found here.

Background:

· On 27 July, House Science, Space, and Technology Committee Chairman Lamar Smith (R-Texas) sent a letterto 22 federal agencies requesting documents and information regarding their use of Kaspersky Lab software.

· On 13 September, the Department of Homeland Security (DHS) issued Binding Operational Directive (BOD) 17-01directing all federal entities to identify and remove Kaspersky Lab software from their systems.

· On 25 October, the House Science, Space, and Technology Committee held the first in a series of hearingsexamining the government’s use of Kaspersky Lab software. This hearing examined the risks associated with the use of Kaspersky Lab software and the inclusion of Kaspersky Lab on the federal purchasing schedules produced by the General Services Administration.

· On 14 November, the House Science, Space, and Technology Committee held the second in a series of hearingsexamining the government’s use of Kaspersky Lab software. This hearing examined the implementation of DHS BOD 17-01 and included witnesses from DHS and the Department of Defense.