US Bans Russian Cybersecurity Firm Kaspersky’s Software

The Biden Administration on Thursday announced the ban on Russian-backed cybersecurity firm Kaspersky Lab, citing the Russian government’s influence over the software, according to a release from the US Commerce Department.

The Russian government has control over Kaspersky and therefore has access to the firm’s systems and all its customers’ data, US officials say. On a call with reporters, Commerce Secretary Gina Raimondo said Russia’s access to the firm is an ongoing threat, saying, “Russia has shown it has the capacity, and even more than that, the intent to exploit Russian companies like Kaspersky to collect and weaponize the personal information of Americans.”

Raimondo said the Commerce Department’s Bureau of Industry and Security could ban the software under its new authorities. The firm was already banned from several government systems going back to 2017, Raimondo told reporters. “While we’ve been exploring every option at our disposal, we ultimately decided that given the Russian government’s continued offensive cyber capabilities and capacity to influence Kaspersky’s operations, that we had to take the significan measure of a full prohibition if we’re going to protect Americans and their personal data.”

After July 20, Kaspersky will be prohibited from entering into new agreements inside the US. The company can still provide existing customers with cyber and antivirus software until Sept. 29, but will not be able to provide updates or support after that date.

Related:TikTok, Congress, and Digital Battles in Geopolitics

“I would encourage you in the strongest possible terms to immediately stop using that software and switch to an alternative in order to protect yourself, your data, and your family,” Raimondo said.

Many US tech companies severed ties with Russia after the country’s invasion of Ukraine in March of 2022. The US unleashed historic sanctions on the company and tensions have remained high as the conflict drags on.

In an email to InformationWeek, a Kaspersky spokesperson said, “Despite proposing a system in which the security of Kaspersky products could have been independently verified by a trusted 3^rd party, Kaspersky believes that the Department of Commerce made its decision passed on the present geopolitical climate and theoretical concerns, rather than on a comprehensive evaluation of the integrity of Kaspersky’s products and services.”

The company insists it does not pose a threat to US security interests. “Kaspersky does not engage in activities which threaten US national security and, in fact, has made significant contributions with its reporting and protection from a variety of threat actors that targeted US Interests and allies.”

The spokesperson added, “The company plans to pursue all legally available options to preserve its current operations and relationships.”

‘Tectonic Shifts’

In an email statement, Andrew Borene, executive director for global security at threat intelligence firm Flashpoint, says, “This decision is a logical reflection of the tectonic shifts that are dividing economies along the lines of power competition between allies and the Russia/China/Iran/North Korea digital domain… Kaspersky has a history of problems with US, Canadian and other allied governments – banning its use for US security is probably a wise choice in many cases…”

Kremlin spokesperson Dmitry Peskov on Friday shot back at the US accusations against Kaspersky. "Kaspersky Lab is a company which is very, very competitive on the international level," he said. "This is a favorite method of unfair competition from the part of the United States. They resort to such tactics every time."

Kaspersky's headquarters are in Moscow and the firm also has offices in 31 countries serving millions of users.