US Bans Kaspersky to Safeguard National Security Over Alleged Ties of the Antivirus Company with Russia.
The Biden administration has finalized plans to ban the sale and distribution of Kaspersky antivirus software in the United States due to security concerns regarding the company’s alleged ties to the Russian government.
In an announcement by the Department of Commerce’s Bureau of Industry and Security (BIS), starting July 20, 2024, Kaspersky will be prohibited from entering into any new agreements with US individuals or businesses to provide antivirus or cybersecurity products and services.
By September 29, 2024, Kaspersky and its affiliates will no longer be allowed to distribute software updates to existing customers located in the US. This effectively means that after these dates, US consumers and organizations will no longer receive critical security patches for Kaspersky software in use.
Kaspersky Banned in US as Biden Cites National Security Concerns Posed by Kaspersky
The Biden administration cites national security risks posed by Kaspersky’s alleged ties to the Russian government and the Kremlin’s proven ability and intent to conduct cyber-espionage operations.
Much of the US government’s concern stems from Kaspersky acquiring secret NSA exploits and hacking tools in 2015. While Kaspersky claims this was unintentional and happened automatically through its antivirus systems, US officials believe the Russian FSB took advantage of Kaspersky software to scan computers for sensitive files.
Since then, the US has been gradually restricting Kaspersky usage through bans on federal agencies and contractors. The Commerce Department said the new nationwide ban was necessary as there is “no way” to mitigate security risks posed by the company’s connections to Russia.
“The Biden-Harris Administration is committed to a whole-of-government approach to protect our national security and out-innovate our adversaries,” said Secretary of Commerce Gina Raimondo.
“Russia has shown time and again they have the capability and intent to exploit Russian companies, like Kaspersky Lab, to collect and weaponize sensitive U.S. information, and we will continue to use every tool at our disposal to safeguard U.S. national security and the American people. “
Kaspersky Denies Allegations, Vows Legal Action
In a statement to BleepingComputer and the Washington Post, Kaspersky denied engaging in any activities that threaten US national security.
The company said it “intends to pursue all legally available options” against the ban, which CEO Eugene Kaspersky called an decision that ignores “evidence” and is based on “theoretical concerns, rather than a comprehensive evaluation.”
Kaspersky maintains that it has implemented “significant transparency measures” to demonstrate independence from governments. However, the Biden administration appears unconvinced and views a complete ban as necessary for safeguarding critical US infrastructure and data.
Impact of Kaspersky Ban for Users in the US
The ban will impact a “significant number” of Kaspersky customers in the US, including state/local governments and companies servicing sectors like telecom, power, and healthcare.
While individuals can continue using existing Kaspersky software, doing so poses security risks as the software will become outdated without updates. Users only have until September 2024 to find and transition to alternative antivirus solutions.
This ban provides a big advantage to cybercriminals by restricting vital security cooperation between international experts. It also limits consumer choice by forcing people onto different antivirus tools that may not be as effective for their needs.