GOP chairman says ‘red flags’ surround Russian cyber firm
Rep. Lamar Smith (R-Texas) is pressing fiercely ahead with his committee’s investigation into Kaspersky Lab, over what he described as “red flags” surrounding the cybersecurity firm at the centre of allegations that Russia sought to steal U.S. secrets.
“We’re going to make sure that our government computer systems are, in fact, secure and make sure that Kaspersky Lab and anyone else associated with Kaspersky is not trying to acquire classified information,” Smith told The Hill during a recent interview in his office on Capitol Hill.
The House Science, Space and Technology Committee chairman has been probing Kaspersky since the Department of Homeland Security in September publicly barred federal government entities from using the firm’s products, citing the risk that the Russian government could “capitalize on access provided by Kaspersky products” to compromise federal computer systems with or without the cyber firm’s cooperation.
The Moscow-based firm produces antivirus software and acclaimed research on cybersecurity threats.
The committee recently uncovered that the Pentagon had flagged Kaspersky as a potential threat more than a decade ago, spurring questions of why the firm remained on a list of approved vendors until this year.
“It’s curious to us why the federal government first initially approved Kaspersky Lab as a legitimate vendor from which to get antivirus software,” Smith said. “We really don’t have all of the answers yet.”
Members of both parties have raised concerns about Kaspersky.
Sen. Jeanne Shaheen (D-N.H.) successfully led a charge to include language in annual defence legislation that would codify the ban on Kaspersky products in the executive branch.
Republicans have cast the Trump administration as being tough on Russia given the ban on using Kaspersky products.
“I appreciate the administration being so quick to realize that Kaspersky Lab may be providing a threat to our national security,” Smith said. “Considering how slow administrations can act, this administration was very fast on this.”
Homeland Security’s move drew fire from the company as well as the broader cybersecurity community because it offered up no evidence bolstering its claims. Since then, news reports have alleged that Russian intelligence operatives exploited Kaspersky software on a National Security Agency employee’s personal computer in order to steal classified U.S. secrets.
“Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that the company remains caught in the middle of an ongoing geopolitical fight,” Kaspersky told The Hill in a statement Tuesday.
“Kaspersky Lab continues to reiterate its willingness to work alongside U.S. authorities to address any concerns they may have about its products or services, and the company ardently believes a deeper examination of Kaspersky Lab will confirm that all allegations are unfounded.”
Homeland Security’s decision triggered a three-month process in which agencies and departments are required to remove any Kaspersky software from their systems.
The House Science panel, which has held two public hearings on the issue, is looking to conduct oversight of the directive.
Smith said that he wants agencies to be more forthcoming with information about their use of Kaspersky Lab software.
On Tuesday evening, the committee sent a list of outstanding questions to Homeland Security related to the directive, according to a letter shared with The Hill.
Smith asked the department for a number of documents related to the ongoing investigation, including a complete list of agencies and departments that have identified Kaspersky on their IT systems and an account of any communications between Homeland Security and the cybersecurity company.
The committee is also requesting that Homeland Security officials brief its members and staff on the issue by Dec. 19.
“The agencies … we’re looking for them to be more responsive to those kinds of questions,” Smith said. “We expect that they will be.”
Smith would not say whether the committee plans to ultimately interview Eugene Kaspersky, the company’s CEO, as part of its investigation. The House panel initially asked Kaspersky to testify at its first hearing, but walked back the request when the hearing was rescheduled and the investigation expanded.
“You never interview an adverse witness until you get all the facts and all the details,” Smith said. “And that will be the last person that you talk to. The point may well come.”
The inquiry into Kaspersky is a high priority for Smith in his final year in Congress.
Smith, who has spent three decades on Capitol Hill and helmed three different committees, including the powerful House Judiciary Committee, announced in November that he would not seek reelection beyond his current term.
Smith is among a slew of Republican lawmakers who will not return to Congress following the 2018 midterm elections, some of whom have pinned their decisions on the divisive political climate under Trump.
Smith, however, dismissed the idea that party politics contributed to his decision to not seek reelection. The “catalyst,” he said, was the impending end of his six-year chairmanship.
“When you’re in the majority and you’re a committee chairman — that’s not a bad place to be,” Smith chuckled. “It’s very appealing. I love my job. There’s nothing else I’d rather do, but with the chairmanship ending, I didn’t want to wander around the halls aimlessly with people having sympathy for me.”
Smith, 70, said he hopes to stay involved in the political process beyond next year, but also spend more time with his family in Texas.
“I’d like to keep one foot in Washington and one foot back home,” he said.
Source: The Hill