• The Breach Report
  • Posts
  • Kaspersky Antivirus banned in U.S. due to National Security risks

Kaspersky Antivirus banned in U.S. due to National Security risks

The company must cease all Kaspersky antivirus sales by July 20, 2024

In partnership with

Welcome to the latest issue of The Breach Report, a cybersecurity newsletter from the creators of the Cybersecurity Careers Blog. Be sure to subscribe via email or RSS.

Scale your GRC program with Automation and AI

Spending hours gathering evidence, tracking risk, and answering security questionnaires? Move away from manual work by automating key GRC program needs with Vanta.

  • Automate evidence collection across 21+ frameworks including SOC 2 and ISO 27001 with continuous monitoring

  • Centralize risk and report on program impact to internal teams

  • Create your own Trust Center to proactively manage buyer needs

  • Leverage AI to answer security questionnaires faster

Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to build trust and prove security in real time. Connect with a team member to learn more.

U.S. bans Kaspersky antivirus software due to National Security risks

Eugene Kaspersky, CEO of Kaspersky Labs, maintains that the company has operated independently of any Russian government influence for over 26 years.

Eugene Kaspersky, CEO of Kaspersky Labs, maintains that the company has operated independently of any Russian government influence for over 26 years.

The Biden-Harris Administration and the United States Department of Commerce have announced that they are banning Kaspersky antivirus software across the entire U.S., forcing the company to dismantle and shut down all U.S. operations by September 29, 2024. All sales of its cybersecurity and antivirus products and services to U.S. persons must cease by July 20, 2024.

Kaspersky antivirus software has "an ability to gather valuable U.S. business information, including intellectual property, and to gather U.S. persons’ sensitive data for malicious use by the Russian Government pose an undue or unacceptable national security risk,” the Department stated.

The September 29, 2024, deadline will force Kaspersky to shut down its U.S.-based Kaspersky Security Network (KSN), antivirus signatures, and codebase updates. Kaspersky is also prohibited from integrating any component of the company’s offerings into third-party software or offerings.

The only exceptions the Department of Commerce made are Kaspersky Threat Intelligence products and services and Kaspersky Security and Consulting services. The department considers those services “educational” or “informational” and thus avoids the ban.

Commerce: Kaspersky antivirus software is a surveillance tool of the Kremlin

Secretary of Commerce Gina Raimondo articulated the Russian government's exploitation of Kaspersky for cyber intelligence objectives:

“Russia has shown time and again they have the capability and intent to exploit Russian companies, like Kaspersky Lab, to collect and weaponize sensitive U.S. information, and we will continue to use every tool at our disposal to safeguard U.S. national security and the American people. Today’s action, our first use of the Commerce Department’s ICTS authorities, demonstrates Commerce’s role in support of our national defense and shows our adversaries we will not hesitate to act when they use their technology poses a risk to United States and its citizens.”

Banning Kaspersky antivirus and cybersecurity products in the U.S. was not unexpected. In 2017, the Department of Homeland Security ordered federal agencies to remove all Kaspersky products from federal information systems.

In 2022, the U.S. Federal Communications Commission placed Kaspersky’s products and services on a list that posed a significant threat to national security.

Today, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has announced economic sanctions against 12 executives and senior leaders at AO Kaspersky Lab. Notably, Eugene Kaspersky is not one of them.

In a prepared statement to Ars Technica, Kaspersky has stated that it is willing to “pursue all legal options” following the ban on its antivirus software. Predictably, it also claims that the ban by the Department of Commerce is “purely political.”

The company has also maintained that it has operated independently of the Russian government for over 26 years.

Despite the U.S. government ban, It also vows to continue selling its antivirus software.

A full press release was posted by Kaspersky on their X account:

After Kaspersky, is TikTok next?

No matter how Kaspersky challenges the ban, it will likely end any significant market capture within the United States. Sinking revenue since the 2017 Homeland Security ban and increasingly negative public sentiment toward Russia–now more than ever due to the ongoing war in Ukraine–has made this brand too toxic.

It also doesn’t give any confidence in the possibility of a U.S.-based TikTok remaining in operation. The Biden-Harris Administration announced in April it is forcing the Beijing-tied social media platform to sell within one year or face a permanent ban.

Increasing weaponization of data and using software and social media for surveillance purposes originating from China and Russia is a quick way to a ban in today’s political climate.

Latest Cybersecurity News

What we’re reading across the wire about the latest cybersecurity hacks, breaches, industry news, and more.

New from our favorite blogs and journalists:

Cybersecurity Industry Press Releases:

Today’s Cyber Wall of Shame

You know you’re going to miss this…

Until next time…

Rob Waters
Founder
The Breach Report + Cybersecurity Careers Blog


P.S. - Do you want to start a newsletter yourself?
You can with beehiiv. Create one today with a free trial.
Disclaimer: The Breach Report may contain affiliate links. Read our Advertising policy page.

Reply

or to participate.