Today, the Biden administration announced an upcoming ban on Kaspersky antivirus software and related security updates for U.S. companies and consumers. This directive gives users until September 29, 2024, to find alternative security solutions.
Key Points of the Announcement
The U.S. Department of Commerce’s Bureau of Industry and Security (BIS) issued a Final Determination prohibiting Kaspersky Lab, Inc., a U.S. subsidiary of the Russia-based cybersecurity company, from providing antivirus software and cybersecurity services in the United States. This ban extends to all Kaspersky affiliates, subsidiaries, and parent companies.
Critical Deadlines
- July 20, 2024: Kaspersky is banned from entering new agreements with U.S. businesses or individuals.
- September 29, 2024: Kaspersky is prohibited from distributing software and antivirus updates in the U.S. or operating its Kaspersky Security Network (KSN) on U.S. systems.
Reasons Behind the Ban
The U.S. government’s concerns stem from Kaspersky’s potential links to the Russian government. Despite Kaspersky’s denial of any ties, the risk of Russian cyber capabilities influencing Kaspersky’s operations has led to this decisive action. This concern was heightened by past incidents where Kaspersky allegedly acquired secret security tools from the NSA’s cyber-operations division.
Impact on Users
Starting September 29, 2024, Kaspersky will not be able to push security updates, making it imperative for current users to transition to alternative security solutions. The U.S. government has set up a dedicated page to help corporate and consumer customers understand the implications of this ban.
Kaspersky’s Response
Kaspersky has expressed disappointment over the ban, stating that the decision appears to be influenced by geopolitical concerns rather than a thorough evaluation of their products’ integrity. The company asserts that it has always operated independently of any government and has implemented unmatched transparency measures.
“Kaspersky is aware of the decision by the U.S. Department of Commerce to prohibit the usage of Kaspersky software in the United States. The decision does not affect the company’s ability to sell and promote cyber threat intelligence offerings and/or trainings in the U.S. Despite proposing a system in which the security of Kaspersky products could have been independently verified by a trusted 3rd party, Kaspersky believes that the Department of Commerce made its decision based on the present geopolitical climate and theoretical concerns, rather than on a comprehensive evaluation of the integrity of Kaspersky’s products and services. Kaspersky does not engage in activities which threaten U.S. national security and, in fact, has made significant contributions with its reporting and protection from a variety of threat actors that targeted U.S. interests and allies. The company intends to pursue all legally available options to preserve its current operations and relationships.
For over 26 years, Kaspersky has succeeded in its mission of building a safer future by protecting over a billion devices. Kaspersky provides industry-leading products and services to customers around the world to protect them from all types of cyber threats, and has repeatedly demonstrated its independence from any government. Additionally, Kaspersky has implemented significant transparency measures that are unmatched by any of its cybersecurity industry peers to demonstrate its enduring commitment to integrity and trustworthiness. The Department of Commerce’s decision unfairly ignores the evidence.
The primary impact of these measures will be the benefit they provide to cybercrime. International cooperation between cybersecurity experts is crucial in the fight against malware, and yet this will restrict those efforts. Furthermore, it takes away the freedom that consumers and organizations, large and small, should have to use the protection they want, in this case forcing them away from the best anti-malware technology in the industry, according to independent tests. This will cause a dramatic disruption for our customers, who will be forced to urgently replace technology they prefer and have relied upon for their protection for years.
Kaspersky remains committed to protecting the world from cyberthreats. The company’s business remains resilient and strong, marked by an 11-percent growth in sales bookings in 2023. We look forward to what the future holds, and will continue to defend ourselves against actions that seek to unfairly harm our reputation and commercial interests.”
Looking Ahead
This ban signifies a critical shift in how the U.S. approaches cybersecurity and national security. As businesses and consumers transition to new security solutions, the emphasis on robust and transparent cybersecurity practices will only grow stronger.
