The Biden administration has banned the sale of Kaspersky Lab products and services in the United States, citing significant national security risks.
Commerce Secretary Gina Raimondo announced the crackdown during a call with reporters, emphasizing the potential threat posed by the Russian cybersecurity firm.
“Russia has shown it has the capacity – and even more than that, the intent – to exploit Russian companies like Kaspersky to collect and weaponize the personal information of Americans,” Raimondo stated.
Tekedia Mini-MBA edition 15 (Sept 9 – Dec 7, 2024) has started registrations; register today for early bird discounts.
Tekedia AI in Business Masterclass opens registrations here.
Join Tekedia Capital Syndicate and invest in Africa’s finest startups here.
The prohibition, which takes effect on July 20, will prevent the sale of Kaspersky software to new customers in the US. Furthermore, starting September 29, Kaspersky will be banned from distributing software updates and malware signatures to existing US customers.
This move, which follows the crackdown on China-based TikTok, is intended to eliminate any ongoing threat posed by the company’s software being used within the United States.
Highlighting the potential dangers of Kaspersky’s operations, Raimondo noted, “Kaspersky, based in Moscow, is basically at the mercy of Putin, and with its tools installed all over American computers, the antivirus maker could – ironically enough – be ordered or forced to act as a conduit into those systems by the Kremlin.”
The US government’s decision follows a thorough investigation that concluded Kaspersky’s operations in the United States posed an unavoidable national security risk. The investigation revealed the Russian government’s capacity to influence or direct Kaspersky’s operations, leveraging the company’s technology for offensive cyber activities.
An official statement from the US government said: “The company’s continued operations in the United States presented a national security risk — due to the Russian Government’s offensive cyber capabilities and capacity to influence or direct Kaspersky’s operations – that could not be addressed through mitigation measures short of a total prohibition.”
In response to the ban, Kaspersky Lab issued a detailed statement asserting that the White House’s decision was driven by geopolitical tensions rather than a fair evaluation of the company’s integrity. Kaspersky denied any involvement in activities threatening US national security and vowed to explore all legal avenues to maintain its operations and relationships within the US.
“Kaspersky does not engage in activities which threaten US national security and, in fact, has made significant contributions with its reporting and protection from a variety of threat actors that targeted US interests and allies,” the company said.
Kaspersky has been there before
The Biden administration’s action against Kaspersky is not an isolated incident. It follows a series of measures aimed at reducing the influence of the Russian cybersecurity firm in the US. In 2017, the Department of Homeland Security (DHS) issued a directive mandating federal agencies to remove and discontinue the use of Kaspersky Lab products on their IT systems. This decision followed reports suggesting that Russian government operatives had exploited Kaspersky antivirus software to steal classified material from a computer belonging to a National Security Agency (NSA) contractor.
In an effort to allay these concerns, Kaspersky Lab offered to open its source code for third-party review. Despite this gesture, the scrutiny over the company’s ties to the Russian government persisted.
The following year, the National Defense Authorization Act (NDAA) for Fiscal Year 2018 was enacted, formally prohibiting the use of Kaspersky products by federal agencies. This legislative move underscored the U.S. government’s ongoing apprehension regarding the potential security risks posed by the software.
Further intensifying the restrictions, in March 2022, the Federal Communications Commission (FCC) added Kaspersky products and services to its list of communications equipment and services deemed to pose a threat to national security. This addition came shortly after Russia’s illegal invasion of Ukraine, reflecting heightened concerns about cybersecurity threats emanating from Russian entities.
Broader Efforts Against Tech Companies from Hostile Nations
This move is part of broader efforts by the US government to contain threats posed by tech companies based in hostile nations. Washington has also targeted Chinese-owned TikTok, citing national security concerns. The Biden administration, like its predecessor, has expressed concerns that the app could be used by the Chinese government to gather sensitive data on American users or to spread misinformation.
TikTok’s parent company, ByteDance, has faced extensive scrutiny and legal challenges in the US. The Trump administration attempted to ban the app in 2020, though the effort was blocked by the courts. Recently, several states have enacted laws prohibiting the use of TikTok on official devices, and US lawmakers have passed a bill, which President Biden signed into law, to further restrict TikTok’s operations.
These stringent measures underscore the significant challenges faced by foreign tech companies operating in the US market, especially those originating from countries considered adversaries.
The bans and restrictions complicate their ability to do business and maintain user bases in one of the world’s largest tech markets. These companies must navigate an increasingly hostile regulatory environment and the potential for sudden policy shifts that can drastically impact their operations.
Kaspersky said “the primary impact of these measures will be the benefit they provide to cyber crime,” adding that “international cooperation between cyber security experts is crucial in the fight against malware, and yet this will restrict those efforts.”