US Bans Kaspersky Antivirus Software

US Bans Kaspersky Antivirus Software

The United States has announced plans to ban the sale of antivirus software from Russian firm Kaspersky, which has alleged ties to the Kremlin.

Moscow’s influence over the company poses a significant risk to U.S. infrastructure and services, Commerce Secretary Gina Raimondo said on Thursday.

The US was forced to take this action because of Russia’s “capacity and intent to collect and weaponize personal information on Americans.”

“Kaspersky, among other things, will no longer be able to sell its software generally within the United States or provide updates to software already in use,” the Commerce Department said.

Today’s Final Decision and Entity Listing are the result of a lengthy and comprehensive investigation that found that the company’s continued operations in the United States pose a national security risk due to the Russian Government’s offensive cyber capabilities and its ability to influence or direct Kaspersky’s activities, and that this cannot be addressed with mitigating measures short of a full ban.

Individuals and businesses using Kaspersky software are strongly encouraged to quickly switch to new vendors to limit the potential for malicious compromise of personal or other sensitive data due to potential gaps in cybersecurity coverage. Individuals and businesses that continue to use existing Kaspersky products and services will not face legal sanctions under the Final Decision. However, any individual or business that continues to use Kaspersky products and services assumes all cybersecurity and associated risks of doing so.

To minimize disruption to U.S. consumers and businesses and allow them time to find suitable alternatives, the Department’s decision will allow Kaspersky to continue certain operations in the U.S., including providing antivirus signature updates and code base updates, until 12:00 a.m. Eastern Daylight Time (EDT) on September 29, 2024.

The ban uses broad powers created by the Trump administration to prohibit or restrict transactions between U.S. companies and tech companies from “foreign enemy” countries like Russia and China. The ban would effectively ban the downloading of software updates, the resale and licensing of the product as of September 29, 2024, and would restrict new business for 30 days from the announcement. Sellers and vendors who violate the restrictions will be fined by the Ministry of Commerce.

Kaspersky denied any activity that threatened US security, saying it would use “all legally available options” to fight the ban.

The Commerce Department will also list two Russian and one UK-based units of Kaspersky for allegedly collaborating with Russian military intelligence.

The company has long been a target of U.S. regulators. In 2017, the Department of Homeland Security banned its flagship antivirus product from federal networks over alleged ties to Russian intelligence.

According to the statement made by the Ministry of Trade, the multinational company is headquartered in Moscow, has offices in 31 countries around the world and serves more than 400 million users and 270 thousand corporate customers in more than 200 countries.

The number of customers affected in the US is classified business data. However, a Commerce Department official was quoted as saying that it was a “significant number” and included state and local governments and telecommunications, electricity and healthcare providers. We can expect other countries to follow our lead in banning Kaspersky.

The full list of prohibited transactions can be found here:

You can listen to this broadcast here:
David Snell joins Rob Hakala for South Shore’s Morning News every Tuesday at 8:11 on 95.9 WATD fm