Today, the Biden administration has announced an upcoming ban of Kaspersky antivirus software and the pushing of software updates to US companies and consumers, giving customers until September 29, 2024, to find alternative security software.

"Today, the Department of Commerce's Bureau of Industry and Security (BIS) announced a Final Determination prohibiting Kaspersky Lab, Inc., the U.S. subsidiary of a Russia-based anti-virus software and cybersecurity company, from directly or indirectly providing anti-virus software and cybersecurity products or services in the United States or to U.S. persons," reads a new announcement from the US BIS agency.

"The prohibition also applies to Kaspersky Lab, Inc.’s affiliates, subsidiaries and parent companies (together with Kaspersky Lab, Inc., “Kaspersky”)."

This ban not only involves the sale of Kaspersky products but also prevents the company from delivering antivirus and security updates to customers, making it critical for customers to provide alternative software by the end of September.

"The Biden-Harris Administration is committed to a whole-of-government approach to protect our national security and out-innovate our adversaries," said Secretary of Commerce Gina Raimondo.

"Russia has shown time and again they have the capability and intent to exploit Russian companies, like Kaspersky Lab, to collect and weaponize sensitive U.S. information, and we will continue to use every tool at our disposal to safeguard U.S. national security and the American people. "

While Kaspersky has denied any ties to the Russian government, the US government feels that due to the Russian government's cyber capabilities and ability to influence Kaspersky's operations, there was no way to mitigate the risk without a total ban on the company's services in the USA.

Much of this concern stems from Kaspersky's acquisition of secret security tools and exploits linked to the Equation Group, which is believed to have been the NSA's cyber-operations division.

At the time, Kaspersky stated that their antivirus software automatically retrieved the NSA files after detecting previously unseen but potentially malicious files. It is common for antivirus vendors to upload files that are suspected of being malicious to their servers for further analysis.

However, the US government believes that Russian FSB agents or other Kaspersky insiders used Kaspersky antivirus as an interactive search engine to scan computers worldwide for files of interest.

Since then, the US government has been slowly banning the use of Kaspersky products within federal agencies and now, with today's announcement, throughout the country.

As part of these announcements, the BIS has set up a dedicated page outlining what the Kaspersky ban means for corporate and consumer customers.

Starting at midnight ET on July 20, 2024, Kaspersky is banned from entering into any new agreements with a US person of business. This includes any software or white-labeled product from the company.

At midnight ET on September 29, 2024, Kaspersky or any of its agents are prohibited from distributing software and antivirus updates to customers and operating its Kaspersky Security Network (KSN) in the United States or on any US person's systems.

Kaspersky Security Network is the company's cloud-based threat platform that accepts new file samples and telemetry uploaded from devices running its software.

While the government states that they will not pursue legal action against any US individuals continuing to use Kaspersky software after these deadlines, they will be using the software at their own risk.

In addition to the ban, the BIS has added three entities associated with Kaspersky—AO Kaspersky Lab, OOO Kaspersky Group (Russia), and Kaspersky Labs Limited (United Kingdom)— to the Entity List for alleged cooperation with the Russian government.

In response to today's ban, Kaspersky shared the following statement with BleepingComputer, which we have reproduced in full below.

"Kaspersky is aware of the decision by the U.S. Department of Commerce to prohibit the usage of Kaspersky software in the United States. The decision does not affect the company’s ability to sell and promote cyber threat intelligence offerings and/or trainings in the U.S. Despite proposing a system in which the security of Kaspersky products could have been independently verified by a trusted 3rd party, Kaspersky believes that the Department of Commerce made its decision based on the present geopolitical climate and theoretical concerns, rather than on a comprehensive evaluation of the integrity of Kaspersky’s products and services. Kaspersky does not engage in activities which threaten U.S. national security and, in fact, has made significant contributions with its reporting and protection from a variety of threat actors that targeted U.S. interests and allies. The company intends to pursue all legally available options to preserve its current operations and relationships. 

For over 26 years, Kaspersky has succeeded in its mission of building a safer future by protecting over a billion devices. Kaspersky provides industry-leading products and services to customers around the world to protect them from all types of cyber threats, and has repeatedly demonstrated its independence from any government. Additionally, Kaspersky has implemented significant transparency measures that are unmatched by any of its cybersecurity industry peers to demonstrate its enduring commitment to integrity and trustworthiness. The Department of Commerce’s decision unfairly ignores the evidence. 

The primary impact of these measures will be the benefit they provide to cybercrime. International cooperation between cybersecurity experts is crucial in the fight against malware, and yet this will restrict those efforts. Furthermore, it takes away the freedom that consumers and organizations, large and small, should have to use the protection they want, in this case forcing them away from the best anti-malware technology in the industry, according to independent tests. This will cause a dramatic disruption for our customers, who will be forced to urgently replace technology they prefer and have relied upon for their protection for years. 

Kaspersky remains committed to protecting the world from cyberthreats. The company’s business remains resilient and strong, marked by an 11-percent growth in sales bookings in 2023. We look forward to what the future holds, and will continue to defend ourselves against actions that seek to unfairly harm our reputation and commercial interests."

Related Articles:

US sanctions 12 Kaspersky Lab execs for working in Russian tech sector

TeamViewer links corporate cyberattack to Russian state hackers

U.S. indicts Russian GRU hacker, offers $10 million reward

Ascension hacked after employee downloaded malicious file

DDoS attacks target EU political parties as elections begin