WASHINGTON—A U.S. judge dismissed a pair of lawsuits filed by Russian cybersecurity firm Kaspersky Lab demanding the U.S. government rescind a ban on the use of its software in U.S. government computers, saying the action was justified to reduce cybersecurity risk.
“These defensive actions may very well have adverse consequences for some third-parties,” U.S. District Judge Colleen Kollar-Kotelly wrote in her Wednesday ruling. “But that does not make them unconstitutional.”
Kaspersky Lab, a privately held company, had filed a lawsuit in the U.S. District Court for the District of Columbia challenging a directive imposed last year by the Department of Homeland Security ordering federal agencies to purge the antivirus company’s software from federal networks due to American concerns the Moscow-based firm may have ties to Russian intelligence. The company also had challenged a law passed by Congress that codified the ban.
Eugene Kaspersky, chief executive of ‘s Kaspersky Lab, seen in Moscow in October, 2017. Photo: maxim shemetov/Reuters
In a statement, Kaspersky Lab, a global cybersecurity firm founded by Russian businessman and computer expert Eugene Kaspersky, said it was disappointed in the ruling and would “vigorously pursue our appeal rights.”
“Kaspersky Lab maintains that these actions were the product of unconstitutional agency and legislative processes and unfairly targeted the company without any meaningful fact finding,” the company said. The company has repeatedly denied accusations it uses its software to conduct espionage for Russia.
But Judge Kollar-Kotelly said the actions of the U.S. government and lawmakers were taken not to punish Kaspersky Lab but to eliminate “a perceived risk to the nation’s cybersecurity” that had a secondary effect of “foreclosing one small source of revenue for a large multinational corporation.”
The dismissals are the latest in a string of setbacks over the past year for Kaspersky Lab, which has been unable to shed accusations that its software is used, wittingly or otherwise, to perform espionage for the Kremlin. The Wall Street Journal reported in October that hackers suspected of working for the Russian government targeted a National Security Agency operative through his use of Kaspersky antivirus software and stole details of how the U.S. penetrates foreign computer networks.
The negative publicity has impacted Kaspersky sales overseas as well. In December 2017, Britain’s National Cyber Security Centre, an intelligence-agency division, recommended that U.K. government departments avoid using antivirus software from Russia-based companies including Kaspersky because of national-security concerns.
In May, a Dutch minister said the Netherlands were taking the precautionary measure of phasing out Kaspersky software from central-government systems and advising critical-infrastructure organizations to do the same because Russian law requires Russia-based companies to support intelligence services.
In response to the U.S. and U.K. concerns about Kaspersky, the company said it would spend $12 million to relocate significant operations to Switzerland by the end of 2019. Some cybersecurity experts are skeptical that this step would shield it from Russian-government tampering.
In an interview in mid-May, Anton Shingarev, who heads government relations for Kaspersky, said the U.S. and U.K. concerns haven’t stopped the company’s revenue growth and that it continues to try to communicate with Washington about steps it has taken to address security concerns.
“Unfortunately, the U.S. government is not responsive to us these days,” Mr. Shingarev said.
Write to Stu Woo at Stu.Woo@wsj.com