The United States has announced a comprehensive ban on the sale and use of antivirus software developed by the Russian firm Kaspersky, citing national security concerns.
Commerce Secretary Gina Raimondo unveiled the decision on Thursday. The decision is rooted in fears over the company’s alleged ties to the Kremlin and the potential risks posed to U.S. infrastructure and personal data.
Raimondo emphasized the urgency of the measure, stating that the U.S. had to act due to Russia’s “capability and intent to collect and weaponize the personal information of Americans.”
The ban will take effect in stages, with Kaspersky prohibited from entering new agreements with U.S. entities starting July 20.
By September 29, the company will also be prohibited from updating its software or operating its Kaspersky Security Network within the U.S.
Free Webinar on API vulnerability scanning for OWASP API Top 10 vulnerabilities -> Book Your Spot
The Commerce Department’s decision is backed by broad powers established during the Trump administration, which allow for the restriction or prohibition of transactions between U.S. firms and tech companies from “foreign adversary” nations like Russia and China.
This move marks the first use of these authorities under a 2019 executive order concerning information and communications technology and services (ICTS).
In addition to the ban, the Commerce Department has added three Kaspersky entities—AO Kaspersky Lab and OOO Kaspersky Group in Russia and Kaspersky Labs Limited in the United Kingdom—to the Entity List.
This designation restricts their ability to engage in U.S. technology and services transactions, further isolating the company from the American market.
Kaspersky will no longer be able to sell its software within the United States or provide updates to existing software after September 29, 2024.
Kaspersky Statement
Kaspersky Lab stated that it is “aware of the decision”. It emphasized that while sales of its products are banned, existing users can continue to use them until the prohibition on updates takes effect on September 29, 2024.
The company plans to pursue all legal options to preserve its current operations and relationships in the U.S.
Kaspersky, headquartered in Moscow, has consistently denied any ties to the Russian government.
In a statement, the company expressed its awareness of the decision and its intention to pursue all legally available options to maintain its operations and relationships in the U.S. Kaspersky argued that the Commerce Department’s decision was influenced by the current geopolitical climate rather than a thorough evaluation of the company’s products and services.
The ban affects many U.S. customers, including state and local governments and companies in critical telecommunications, power, and healthcare sectors. While the exact number of affected users remains classified, a Commerce Department official described it as substantial.
This action follows a history of U.S. government concerns about Kaspersky. In 2017, the Department of Homeland Security banned using Kaspersky’s flagship antivirus product on federal networks, citing alleged ties to Russian intelligence.
The current ban extends these restrictions to all U.S. entities and individuals, urging them to transition to alternative cybersecurity solutions to protect their data.
Commerce Secretary Raimondo underscored the importance of this measure, stating, “Russia has shown it has the capacity and intent to exploit Russian companies like Kaspersky to collect and weaponize the personal information of Americans.” She advised Americans and U.S. businesses to immediately stop using Kaspersky software and switch to alternatives to safeguard their data.
The ban on Kaspersky is a significant step in the U.S. government’s ongoing efforts to protect national security and mitigate risks associated with foreign technology companies.
Free Webinar! 3 Security Trends to Maximize MSP Growth -> Register For Free