In June of last year, under the leadership of then-President Joe Biden, the United States became the first nation to implement a sweeping ban on Kaspersky products and services, prohibiting their use across all federal agencies. This move, driven by concerns about national security, set the stage for other countries to take similar actions.
Most recently, the Australian government followed suit, announcing a ban on Kaspersky’s software in all its federal agencies. This decision was made following an order issued by the Secretary of the Department of Home Affairs over the past weekend, and it is part of the nation’s broader Protective Security Policy Framework (PSPF). The PSPF allows for the restriction of IT products or services when they pose unacceptable security risks, such as potential threats to national security.
The central concern driving both the U.S. and Australia’s decisions is the possibility that Kaspersky’s software could be used to gather intelligence and relay sensitive data to foreign entities. Although there has been no concrete evidence to support these claims, the mere suspicion of potential espionage has led both nations to act decisively in limiting the use of Kaspersky products. Under national security laws, businesses can be banned from operating within a country if there are credible allegations of such activities, regardless of whether the accusations are substantiated.
It’s important to note, however, that the Australian government’s ban is limited to the use of Kaspersky software by federal agencies. Corporate and private entities in Australia are still free to use Kaspersky products, although they are cautioned to do so at their own risk. This distinction highlights the concern for national security without necessarily criminalizing the use of Kaspersky on a broader scale.
Kaspersky Lab, founded by Eugene Kaspersky in Russia, has consistently denied any wrongdoing. The company, which initially operated from Russia, has since relocated its headquarters to a Southeast Asian country, likely in an attempt to alleviate concerns related to data security and privacy. Despite these efforts, the company is still facing significant challenges in regaining the trust of Western nations. Along with Australia and the U.S., other countries, including Canada, have also moved to restrict or ban the use of Kaspersky software within their borders.
As part of the new Australian directive, entities using Kaspersky software are being urged to seek alternative solutions by the end of March 2025. By April 1st, 2025, all government-funded systems and devices must remove Kaspersky software, and failure to comply will result in legal consequences. The Department of Home Affairs has made it clear that any devices still using Kaspersky software after this date will be subject to prosecution.
Kaspersky has yet to issue an official statement regarding the ban in Australia, but an anonymous source within the company has confirmed that they will continue to provide customer support and software updates for six months following the imposition of the ban, regardless of whether the customer is using the premium service or not.
In an effort to reassure its customers, Kaspersky has moved much of its data hosting operations to European countries, including Switzerland, France, and the Netherlands, over the past two years. This was done to address ongoing concerns about data privacy and security. Despite these efforts, Kaspersky has struggled to regain the confidence of many Western nations, which continue to be wary of potential security threats posed by the company’s software.
Ad
Join over 500,000 cybersecurity professionals in our LinkedIn group “Information Security Community”!