The US government will ban the sale of Kaspersky antivirus products to new customers in the United States starting July 20, with a follow-on deadline to prohibit the cybersecurity company from providing users with software updates after September 29.
The move follows years of allegations that the cybersecurity firm served as a hacking conduit for Russian intelligence agencies—allegations that the company has consistently denied.
While current US Kaspersky customers will see no immediate impact from the ban, the September 29 software update deadline signals a bigger change. Without available updates, any cybersecurity product becomes less secure over time, and means the company won’t be able to protect customers against the newest threats.
In a briefing call with reporters on Thursday, US Department of Commerce Secretary Gina Raimondo offered consolation and advice to current customers of the antivirus products:
“You have done nothing wrong, and you are not subject to any criminal or civil penalties. However, I would encourage you, in as strong as possible terms, to immediately stop using that software and switch to an alternative in order to protect yourself and your data and your family.”
Kaspersky rebuffed the Biden Administration’s decision in a statement shared on social media Thursday.
“Kaspersky does not engage in activities which threaten US national security and, in fact, has made significant contributions with its reporting and protection from a variety of threat actors that targeted US interested and allies,” the company said. “The company intends to purse all legally available options to preserve its current operations and relationships.”
The ban, first reported by Reuters and released Thursday, includes “AO Kaspersky Lab,” “OOO Kaspersky Group,” and “Kaspersky Labs Limited.”
According to the US Department of Commerce, all three Kaspersky entities are being banned “for their cooperation with Russian military and intelligence authorities in support of the Russian government’s cyber intelligence objectives.”
In October 2017, The New York Times reported that Israeli intelligence officers managed to catch Russian government hackers using Kaspersky to conduct clandestine searches across the globe. That reporting followed a bombshell investigation from The Wall Street Journal that claimed that Russian hackers stole classified NSA materials from a contractor’s personal computer which had Kaspersky software installed on it.
That reported hacking incident allegedly resulted in the US government’s decision that same year to remove Kaspersky antivirus software from US government devices.
In the same Thursday briefing call, Secretary Raimondo cited the threat of Russian influence in the Department’s decision to ban Kaspersky:
“Russia has shown it has the capacity and… the intent to exploit Russian companies like Kaspersky to collect and weaponize the personal information of Americans and that is why we are compelled to take the action that we are taking today.”
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.