Cybersecurity

GOP chair threatens to subpoena DHS for Kaspersky documents

House Science, Space and Technology Committee Chairman Lamar Smith (R-Texas) is threatening to take action to force the Department of Homeland Security (DHS) to turn over documents on Kaspersky Lab that his committee has requested. 

Smith sent a letter to Secretary of Homeland Security Kirstjen Nielsen on Thursday accusing the department of failing to properly respond to an outstanding document request related to the committee’s ongoing probe into the Russia-based cybersecurity firm.

{mosads}Smith said the committee would consider using “compulsory process” against Homeland Security if it continues to buck the request, which would amount to subpoenaing the department for the documents.

Kaspersky, which produces lauded anti-virus software and has operations across the globe, has been mired in controversy as a result of alleged ties to Russian intelligence, which the company has long denied. 

The Science, Space and Technology Committee has been investigating Kaspersky Lab since last year as part of a broader review of the federal government’s cybersecurity posture.

“Given the serious nature of these concerns related to the Committee’s broader goal of uncovering all risks associated with Kaspersky, the Committee expects a full and complete response from the Department,” Smith wrote on Thursday.

Last September, Homeland Security publicly barred federal agencies and departments from using Kaspersky software, citing the risk of the Russian government capitalizing on the software “whether acting on its own or in collaboration with Kaspersky.” The Trump administration has not issued any evidence to back up the assertions in the directive. 

But news reports have emerged alleging that Russian spies used the company’s software to gain access to classified secrets on a National Security Agency contractor’s computer.

Agencies and departments were given until December to remove any Kaspersky software found on their systems.

Kaspersky has vowed to fight the ban.

The committee thus far has held two hearings on the issue, including one that featured testimony from Homeland Security’s top cyber official. 

Smith sent a letter to DHS in early December requesting a number of documents related to its investigation, including a complete list of agencies that identified Kaspersky software on their information systems by Dec. 19.

Homeland Security has yet to fully respond to the request, according to Smith, who wrote Thursday that the department provided a response earlier this month that “largely contained publicly available information outside the scope of the Committee’s request.” 

Officials later told the committee that they would not produce additional documents related to the request, citing “pending litigation,” according to Smith’s letter. 

Earlier this month, Kaspersky filed an injunction in federal court to block the order, arguing that the company did not receive proper notice or an opportunity to contest the evidence supporting it. 

“Pending litigation is not a basis for declining to fully comply with the December 5, 2017, request for documents and information,” Smith wrote Thursday, demanding a response to the outstanding request by Feb. 8.

“If the Department does not provide all of the requested materials, the Committee will consider use of the compulsory process to obtain the information,” he wrote. 

A department spokesman did not immediately return a request for comment.

The Science. Space and Technology Committee has jurisdiction over the National Institute of Standards and Technology (NIST), a nonregulatory federal body that develops cybersecurity guidance for the public and private sector. 

Under the Trump administration, agencies and departments are required to abide by the NIST cybersecurity framework.

Smith wrote that the documents are critical for the committee to fulfill its oversight responsibilities.