Today, the Biden administration has announced an upcoming ban of Kaspersky antivirus software and the pushing of software updates to US companies and consumers, giving customers until September 29, 2024, to find alternative security software.
"Today, the Department of Commerce's Bureau of Industry and Security (BIS) announced a Final Determination prohibiting Kaspersky Lab, Inc., the U.S. subsidiary of a Russia-based anti-virus software and cybersecurity company, from directly or indirectly providing anti-virus software and cybersecurity products or services in the United States or to U.S. persons," reads a new announcement from the US BIS agency.
"The prohibition also applies to Kaspersky Lab, Inc.’s affiliates, subsidiaries and parent companies (together with Kaspersky Lab, Inc., “Kaspersky”)."
This ban not only involves the sale of Kaspersky products but also prevents the company from delivering antivirus and security updates to customers, making it critical for customers to provide alternative software by the end of September.
"The Biden-Harris Administration is committed to a whole-of-government approach to protect our national security and out-innovate our adversaries," said Secretary of Commerce Gina Raimondo.
"Russia has shown time and again they have the capability and intent to exploit Russian companies, like Kaspersky Lab, to collect and weaponize sensitive U.S. information, and we will continue to use every tool at our disposal to safeguard U.S. national security and the American people. "
While Kaspersky has denied any ties to the Russian government, the US government feels that due to the Russian government's cyber capabilities and ability to influence Kaspersky's operations, there was no way to mitigate the risk without a total ban on the company's services in the USA.
Much of this concern stems from Kaspersky's acquisition of secret security tools and exploits linked to the Equation Group, which is believed to have been the NSA's cyber-operations division.
At the time, Kaspersky stated that their antivirus software automatically retrieved the NSA files after detecting previously unseen but potentially malicious files. It is common for antivirus vendors to upload files that are suspected of being malicious to their servers for further analysis.
However, the US government believes that Russian FSB agents or other Kaspersky insiders used Kaspersky antivirus as an interactive search engine to scan computers worldwide for files of interest.
Since then, the US government has been slowly banning the use of Kaspersky products within federal agencies and now, with today's announcement, throughout the country.
As part of these announcements, the BIS has set up a dedicated page outlining what the Kaspersky ban means for corporate and consumer customers.
Starting at midnight ET on July 20, 2024, Kaspersky is banned from entering into any new agreements with a US person of business. This includes any software or white-labeled product from the company.
At midnight ET on September 29, 2024, Kaspersky or any of its agents are prohibited from distributing software and antivirus updates to customers and operating its Kaspersky Security Network (KSN) in the United States or on any US person's systems.
Kaspersky Security Network is the company's cloud-based threat platform that accepts new file samples and telemetry uploaded from devices running its software.
While the government states that they will not pursue legal action against any US individuals continuing to use Kaspersky software after these deadlines, they will be using the software at their own risk.
In addition to the ban, the BIS has added three entities associated with Kaspersky—AO Kaspersky Lab, OOO Kaspersky Group (Russia), and Kaspersky Labs Limited (United Kingdom)— to the Entity List for alleged cooperation with the Russian government.
In response to today's ban, Kaspersky shared the following statement with BleepingComputer, which we have reproduced in full below.
"Kaspersky is aware of the decision by the U.S. Department of Commerce to prohibit the usage of Kaspersky software in the United States. The decision does not affect the company’s ability to sell and promote cyber threat intelligence offerings and/or trainings in the U.S. Despite proposing a system in which the security of Kaspersky products could have been independently verified by a trusted 3rd party, Kaspersky believes that the Department of Commerce made its decision based on the present geopolitical climate and theoretical concerns, rather than on a comprehensive evaluation of the integrity of Kaspersky’s products and services. Kaspersky does not engage in activities which threaten U.S. national security and, in fact, has made significant contributions with its reporting and protection from a variety of threat actors that targeted U.S. interests and allies. The company intends to pursue all legally available options to preserve its current operations and relationships.
For over 26 years, Kaspersky has succeeded in its mission of building a safer future by protecting over a billion devices. Kaspersky provides industry-leading products and services to customers around the world to protect them from all types of cyber threats, and has repeatedly demonstrated its independence from any government. Additionally, Kaspersky has implemented significant transparency measures that are unmatched by any of its cybersecurity industry peers to demonstrate its enduring commitment to integrity and trustworthiness. The Department of Commerce’s decision unfairly ignores the evidence.
The primary impact of these measures will be the benefit they provide to cybercrime. International cooperation between cybersecurity experts is crucial in the fight against malware, and yet this will restrict those efforts. Furthermore, it takes away the freedom that consumers and organizations, large and small, should have to use the protection they want, in this case forcing them away from the best anti-malware technology in the industry, according to independent tests. This will cause a dramatic disruption for our customers, who will be forced to urgently replace technology they prefer and have relied upon for their protection for years.
Kaspersky remains committed to protecting the world from cyberthreats. The company’s business remains resilient and strong, marked by an 11-percent growth in sales bookings in 2023. We look forward to what the future holds, and will continue to defend ourselves against actions that seek to unfairly harm our reputation and commercial interests."
Comments
thatirish - 4 months ago
The ole saying, that where there's a will there is a way?
ctigga - 4 months ago
The more I hear about Biden's increasing and nonsensical executive decrees, the more I'm convinced his handlers KNOW they are going to lose reelection. They're on a mission to screw-up America as much as they can before getting the boot.
Of course the new Administration will have to undo all this nonsense. America really needs to get back to enforcing that all legislation comes from the legislative body of Congress -- with checks and balances. This one-person, executive decree garbage came from Obama and needs to be ended (along with invalidating all the illegal decrees that have been passed)
Hang on America. Much of our electronics technology, firmware and software are also outsourced. You never know what the never idiotic decree will bring.
dusselduss - 4 months ago
are you honestly thinking there are grownup adults sitting in suits saying "nah i will f that whole country over because i wont win."
saying this implies you think they know what theyre doing is wrong and theyre doing it despite knowing better which i dont think is true. every person ever thinks of its own decisions as being the best, smartest and most rational. your thinking stops discussion by arranging the world in good vs evil.
Qazzy1579 - 4 months ago
Here are the number of executive orders by President.
Biden - 129 thus far
Trump - 220
Obama - 276
Bush - 291
Clinton - 364
HW Bush - 166
Reagan - 381
If we go back to Woodrow Wilson, you will find 1,767 orders
Executive orders did not start in 2009 or with any political party.
buddy215 - 4 months ago
What a lengthy comment. You could of just said "I support Putin and his protege Trump".
ctigga - 4 months ago
*next idiotic
ZeroYourHero - 4 months ago
I thought it was already banned from federal government back in 2019. I guess it's "more" banned now.
https://www.nextgov.com/cybersecurity/2019/09/us-finalizes-rule-banning-kaspersky-products-government-contracts/159742/
powerspork - 4 months ago
The previous ban was for use in government institutions. This is a ban of the product for anyone in the US, corporate or private.
noughts-ones - 4 months ago
Kaspersky, as big as ever in Europe.
NoneRain - 4 months ago
I think their market in USA was already small enough after the federal sanctions (on gov), basically being replaced by CrowdStrike in the enterprise segment, so the banning is not THAT big for them, financially speaking.
deltasierra - 4 months ago
"I think their market in USA was already small enough after the federal sanctions (on gov), basically being replaced by CrowdStrike in the enterprise segment, so the banning is not THAT big for them, financially speaking. "
Agreed; without the higher margins that enterprise customers yield, being relegated to low-cost consumer AV products is hardly a winning position for them, even for as large as the U.S. market is/would be. Taking the hit to their threat labs and intel is probably the biggest pain for Kasperski.
Can't say I'm surprised. Politics aside, I start to worry about the precedence that this sets, namely when it's done out of caution rather than actual evidence as Kasperski pointed out. I'm actually thinking that this is intended to have the effect of economic sanctions against Russia more so than just mitigating an imminent national security threat. At the same time, yes, I'm sure it could be easily and quietly backdoored, although Putin is smart enough to do it in a way to have plausible deniability.
ranchhand_ - 4 months ago
Kaspersky is a "me too" AV that is next to useless. Biden did America's users a favor, now they will have to use Windows Defender AV/Firewall which is better that Kas anyway.
Mahhn - 4 months ago
Its sad because they are one of the best reputation companies to come out of RU, but its right because putin is insane and when he says do this or I will ____ you and your family, everyone knows its true. I hope they can maintain, as it is the best interface of any av product ever. We moved to defender when putin attacked as we all knew it would only get worse. And man have we suffered with the worst sec management interface for security ever,,,,
pnda73 - 4 months ago
I would have hoped Kaspersky come out guns blazing. After moving their data infrastructure to Switzerland exactly for this purpose, this is a major slap in the face.
Not that I'm fanboying Kaspersky or anything, just that I don't like this overarching control of the government.
Kaspersky's response seems evasive and submissive.
How does this not affect sales in US? One day you can sell, the next day you can't. Basic logic dictates it will affect sales.
It's a shame Kaspersky seem to be taking this sitting down.
0lds0d - 4 months ago
@ ranchhand_
Agreed. GBA!