Biden administration bans sale of Kaspersky software in US
The Commerce Department will ban the cybersecurity firm Kaspersky Labs from selling its software to U.S. consumers, the latest move by the Biden administration to curtail the Russian company’s operations in the United States.
In an announcement Thursday, the Commerce Department said it would use for the first time newly expanded authorities to regulate technology transactions with U.S. adversaries to effectively ban Kaspersky from doing business in the United States. The move under the agency’s information and communications technology supply chain regulations prohibits Kaspersky from selling its antivirus software to U.S. consumers and even updating that product.
In a call with reporters ahead of Thursday’s announcement, Commerce Secretary Gina Raimondo said the move to ban Kaspersky was prompted by an extensive review of the company, its ties to the Russian government and the possibility that the Kremlin could lean on the firm to supply data on U.S. customers or be used in cyberoperations.
“Russia has shown time and again they have the capability and intent to exploit Russian companies, like Kaspersky Lab, to collect and weaponize sensitive U.S. information, and we will continue to use every tool at our disposal to safeguard U.S. national security and the American people,” Raimondo added in a statement.
Raimondo said the U.S. government will launch an awareness campaign to educate U.S. consumers of Kaspersky software about the threat it poses but that they would not be subject to criminal or civil penalties for using the tool. “I would encourage you in the strongest possible terms to stop using that software,” Raimondo told reporters.
In addition to the ban on the sale and updating of Kaspersky software, the Commerce Department will also add three Kaspersky entities to the department’s entity list, which sharply limits the ability of U.S. companies to carry out transactions with the corporate entities in question.
A senior Commerce Department official speaking on condition of anonymity said that the U.S. government’s review of Kaspersky’s presence in the United States had revealed that critical infrastructure operators and local governments are among the company’s American clients, prompting alarm that the software could be used in attacks against them.
A spokesperson for Kaspersky said the Commerce Department’s decision was based on “the present geopolitical climate and theoretical concerns, rather than on a comprehensive evaluation of the integrity of Kaspersky’s products and services,” adding that the agency rejected a proposal by the company for its products to be vetted by a third party.
The spokesperson said “the company intends to pursue all legally available options to preserve its current operations and relationships” and that it “has repeatedly demonstrated its independence from any government.”
On Friday, the Treasury Department took additional action against Kaspersky by sanctioning 12 company executives.
The notion that Kaspersky products would be used in operations against the U.S. government has been cited as a theoretical threat for years, and in 2017 Washington banned federal agencies from using its products. On Thursday, the Commerce Department official would not cite any specific examples of how Moscow might use the company as part of its intelligence or cyber operations but said “we believe that it is more than just a theoretical threat.”
Banning the sale and even updating of Kaspersky’s products creates a headache for its existing U.S. customers. The ban on product updates — which will go into effect on Sept. 29 — will mean that Kaspersky customers in the United States will find the company’s anti-virus tool to be less effective as time goes by, a consideration that Commerce Department officials said will inform the U.S. government’s messaging campaign.
Updated June 21, 2024: This article has been updated with a statement from a spokesperson for Kaspersky Labs and an announcement from the Treasury Department sanctioning a dozen Kaspersky executives.
