The U.S. Department of Commerce’s Bureau of Industry and Security (BIS) has implemented an unprecedented ban on Kaspersky Lab’s U.S. subsidiary, prohibiting the company from directly or indirectly offering its security software in the country. This prohibition also extends to the cybersecurity company’s affiliates, subsidiaries, and parent companies, citing national security risks associated with its operations.
The BIS emphasized that Kaspersky’s operations in the United States posed a significant national security threat due to potential Russian government influence. The department highlighted concerns about Kaspersky’s ability to provide the Kremlin with access to sensitive U.S. customer information, the potential for malicious software installation, and the withholding of critical updates.
The manipulation of Kaspersky software within U.S. critical infrastructure can lead to severe risks, including data theft, espionage, and system malfunctions. These vulnerabilities also threaten the country’s economic security and public health, potentially resulting in injuries or loss of life.
Effective July 20, Kaspersky will be barred from selling its software to American consumers and businesses. However, the company is permitted to provide software and antivirus signature updates to existing customers until September 29. Current customers are advised to find suitable replacements within this period to ensure continuous security protection.
The BIS underscored that the Russian government’s offensive cyber capabilities and capacity to influence or direct Kaspersky’s operations necessitated this comprehensive prohibition. The inclusion of Kaspersky on the Entity List further restricts its cooperation with Russian military and intelligence authorities.
Kaspersky, headquartered in Moscow, serves over 400 million customers and 240,000 corporate clients across 200 countries. Despite its global reach, the company has faced scrutiny from the U.S. government due to its Russian ties. In 2017, Kaspersky products were banned from federal networks, and subsequent reports revealed instances of Russian hackers exploiting Kaspersky software to steal U.S. classified information.
Kaspersky has responded to the recent ban by asserting that the Commerce Department’s decision is influenced by the current geopolitical climate and disregards the transparency measures the company has implemented to demonstrate its integrity and trustworthiness.