Company allowed to support users until September 29th.
Kaspersky has been prohibited from providing anti-virus software and cybersecurity products or services in the United States or to US persons.
In a statement, the US the Department of Commerce's Bureau of Industry and Security (BIS) added Kaspersky’s Russian and British entities to its blocked list “for their cooperation with Russian military and intelligence authorities in support of the Russian Government’s cyber intelligence objectives.”
The first action of its kind by BIS, whose mission is to investigate whether certain information and communications technology or services transactions in the United States pose an undue or unacceptable national security risk.
As a result of this ruling, Kaspersky will generally no longer be able to sell its software within the United States, or provide updates to software already in use.
BIS also encouraged any users of Kaspersky to move to using other vendors “to limit exposure of personal or other sensitive data to malign actors due to a potential lack of cybersecurity coverage.”
In order to minimise disruption to US consumers and businesses and to give them time to find suitable alternatives, the Department’s determination will allow Kaspersky to continue certain operations in the United States—including providing anti-virus signature updates and codebase updates — until 12:00AM Eastern Daylight Time (EDT) on September 29th, 2024.
Secretary of Commerce Gina Raimondo, said: “Russia has shown time and again they have the capability and intent to exploit Russian companies, like Kaspersky Lab, to collect and weaponize sensitive US information, and we will continue to use every tool at our disposal to safeguard U.S. national security and the American people.
“Today’s action, our first use of the Commerce Department’s ICTS authorities, demonstrates Commerce’s role in support of our national defence and shows our adversaries we will not hesitate to act when they use their technology poses a risk to United States and its citizens.”
Although Kaspersky operates as an international organisation with home offices in the UK and US, the company has its roots in Moscow and founder Eugene Kaspersky has ties to the Russian government, reports SC Media US.
This has led some within the U.S. government to worry that Kaspersky software could be deployed with back doors or other monitoring tools that would potentially allow Kremlin hackers to pull data from systems in other countries.
Kaspersky has long denied any ties to the Russian government or cooperation with any Kremlin espionage efforts. In a statement, the company said the decision does not affect the company’s ability to sell and promote cyber threat intelligence offerings and/or trainings in the US, and believes that the Department of Commerce made its decision based on the present geopolitical climate and theoretical concerns, rather than on a comprehensive evaluation of the integrity of Kaspersky’s products and services.
“Kaspersky does not engage in activities which threaten US national security and, in fact, has made significant contributions with its reporting and protection from a variety of threat actors that targeted US interests and allies,” it said. “The company intends to pursue all legally available options to preserve its current operations and relationships.”
The company said it has repeatedly demonstrated its independence from any government and has implemented significant transparency measures to demonstrate its enduring commitment to integrity and trustworthiness.
“The Department of Commerce’s decision unfairly ignores the evidence,” it said. “The primary impact of these measures will be the benefit they provide to cybercrime. International cooperation between cybersecurity experts is crucial in the fight against malware, and yet this will restrict those efforts.
“Furthermore, it takes away the freedom that consumers and organisations, large and small, should have to use the protection they want, in this case forcing them away from the best anti-malware technology in the industry, according to independent tests. This will cause a dramatic disruption for our customers, who will be forced to urgently replace technology they prefer and have relied upon for their protection for years.”
Dan Raywood is a seasoned B2B journalist with over 20 years of experience, specializing in cybersecurity for the past 15 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes. Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
Dan Raywood is a seasoned B2B journalist with over 20 years of experience, specializing in cybersecurity for the past 15 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes. Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
An error occurred trying to play the stream. Please reload the page and try again.
CloseRegistering with SC Media is 100% free. Join tens of thousands of cybersecurity leaders today and gain access to the latest analysis shaping the global infosec agenda.
