Cold War Special: Office Depot Offers Free Kaspersky Removal over Spy Concerns

Pressure is mounting on Russian antivirus vendor Kaspersky Lab with office supplies giant Office Depot offering to remove it from customers’ computers for free and a Congressional hearing on the company’s links to Russian intelligence scheduled for later in October.

Office supplies giant Office Depot, once one of the biggest sellers of Kaspersky Lab* antivirus software, is now offering to remove it from customers’ computers for free.

The move is just the latest evidence of growing doubts about the security of the company’s antivirus software following reports that the U.S. Department of Homeland Security had instructed federal agencies to abandon the software and planned Congressional hearings focused on Kaspersky’s alleged ties to Russian intelligence.

Signs on display at Office Depot and OfficeMax stores inform customers that “due to the recent news over Kaspersky Total Security software,” Office Depot and OfficeMax “will be providing FREE in store software removal.”

Office Depot spokeswoman Julianne Embry confirmed the program offering free Kaspersky software removals in an e-mail to The Security Ledger.

A sign on display at Office Depot stores informs customers that they can have Kaspersky Lab’s software removed for free and replaced with competing software by McAfee.

“As of September 14, Office Depot stopped selling the Kaspersky Total Security software. In addition, we feature in our Office Depot and OfficeMax stores a special offer for any customer who purchased this software, regardless of where it was purchased,”  Embry wrote. Office Depot said it will install antivirus software from McAfee LiveSafe product for free to replace the Kaspersky and “perform a free diagnosis of their computer to make sure it is virus-free.” Ouch.

The offer runs through November 4, Embry said.

A steady drumbeat of warnings

The program is just the latest blow to Kaspersky’s standing in the U.S. In recent weeks retailers like Best Buy have said they will stop selling the company’s products. Also, The Wall Street Journal reported last week that the National Security Agency believes the company’s software may have played a part in the theft of classified NSA hacking tools from the computer of an Agency contractor. The company and its CEO, Eugene Kaspersky, strenuously denied that report.

The matter is of interest to U.S. lawmakers, as well. Senators including Florida’s Marco Rubio have publicly questioned the integrity of the software in open hearings. Reuters reported last week that the U.S. House of Representatives will hold a hearing on the security of Kaspersky Lab software, with lawmakers reviewing recently published accusations that the Kremlin could use its products to conduct espionage.

The House Committee on Science, Space and Technology has asked federal agencies for any documentation of their use of Kaspersky’s software (PDF), saying it was concerned that the company is susceptible to manipulation by the Russian government.

Hearing in October

More recently, the Committee scheduled a hearing for October 25th following reports that Russian government-backed hackers stole highly classified U.S. cyber secrets in 2015 from a National Security Agency contractor who had Kaspersky software installed on his laptop.The House science committee did not say who would be called to testify at the hearing.

The case against Kaspersky is mostly circumstantial. The Wall Street Journal article cited unnamed sources saying that the Kaspersky Lab antivirus software played a role in divulging the NSA tools and omitted details on the link between the company and Russian intelligence operatives.

Kaspersky CEO Eugene Kaspersky has offered to submit his company’s software to a government audit. However, legal and security experts note that the absence of “back doors” or other cyber offensive capabilities in the Kaspersky Lab antivirus software wouldn’t rule out government manipulation of the company’s foothold on millions of corporate and consumer systems.

(*) Editor’s note: this author was an employee of Kaspersky Lab from 2010 until 2012, where he worked as a Senior Editor at Threatpost.com, Kaspersky’s cyber security news website. 

Security Ledger wants to hear your thoughts! Leave a reply.