Only 15 per cent of US federal agencies still have Kaspersky Lab software anywhere on their networks.
So said the United States' Department of Homeland Security (DHS) assistant secretary for cyber security, Jeanette Manfra, at a Tuesday hearing of the House Committee on Science, Space, and Technology's oversight subcommittee.
Manfra said the number isn't quite complete, because it represents 94 per cent of agencies, who had responded to an order to survey their networks and remove Kaspersky products if they were found.
In a statement that should somewhat deflate the hyperventilation about the risk Kaspersky posed to US government data, Manfra also told the hearing the DHS had no “conclusive evidence” of any breaches among Kaspersky users.
In September, the DHS gave government agencies 90 days to remove Kaspersky software from their systems. The rationale for the edict was fear that Kaspersky is either too close to the Russian government or subject to orders from the Kremlin.
The paranoia was heightened by the “Spy vs Spy” case that exposed NSA tools to Russian spies.
Founder Eugene Kaspersky has repeatedly denied links to the government, and has offered his source code for review.
During her testimony, Manfra hinted at a possible retaliation by Kaspersky. Without naming the company, she warned the committee she might not be able to answer some questions.
While the company has given a chance to respond to the ban, she said: “We are in the middle of an administrative process with the affected entity, and there could be litigation related to this directive … we need to provide the company with a meaningful opportunity to be heard, and there may be Federal Court review of our actions and decisions, there may be certain issues it would not be appropriate for me to comment on until the conclusion of this administrative process”.
Video of the hearing is posted here. Manfra's testimony starts at about the 33:15 mark of the video. ®