The U.S. Federal Communications Commission (FCC) on Friday moved to add Russian cybersecurity company Kaspersky Lab to the “Covered List” of companies that pose an “unacceptable risk to the national security” of the country.
The development marks the first time a Russian entity has been added to the list that’s been otherwise dominated by Chinese telecommunications firms. Also added alongside Kaspersky were China Telecom (Americas) Corp and China Mobile International USA.
The block list includes information security products, solutions, and services supplied, directly or indirectly, by the company or any of its predecessors, successors, parents, subsidiaries, or affiliates.
The FCC said the decision was made pursuant to a Binding Operational Directive (BOD) issued by the Department of Homeland Security on September 11, 2017 that barred federal agencies from using Kaspersky-branded products in their information systems.
The security services provider, in response, said it was disappointed with the FCC’s decision and that it’s “being made on political grounds” without any technical assessment of its products.
“Kaspersky maintains that the U.S. Government’s 2017 prohibitions on federal entities and federal contractors from using Kaspersky products and services were unconstitutional, based on unsubstantiated allegations, and lacked any public evidence of wrongdoing by the company,” it added.
The announcement arrives as HackerOne said it’s indefinitely suspending Kaspersky’s access to the bug bounty platform in response to sanctions imposed on Russia and Belarus. The company said it “finds this unilateral action an unacceptable behavior.”
When reached for a response, HackerOne told The Hacker News that “Our conversations with Kaspersky are ongoing, and we will continue to work with their team to address their concerns.”
The FCC’s decision also mirrors an advisory released by Germany’s Federal Office of Information Security (BSI) this month against using the company’s security solutions in the country over “doubts about the reliability of the manufacturer.”
“No evidence of Kaspersky use or abuse for malicious purpose has ever been discovered and proven in the company’s twenty-five years’ history notwithstanding countless attempts to do so,” the company’s founder Eugene Kaspersky said on March 16.