US bans Kaspersky for posing ‘significant risk’

The US is banning the sale of antivirus software made by Russian cyber-security firm Kaspersky because of its ties with Russia’s regime.

On Thursday, Commerce Secretary Gina Raimondo named the software to pose a “significant risk” to US infrastructure and services.

She said that the ban was due to Russia's "capacity and intent to collect and weaponize the personal information of Americans."

The plan will effectively prohibit software updates, resales, and software licensing starting September 29th. Sellers and resellers who breach these restrictions will be subject to fines from the Commerce Department.

The ban will also prohibit the company from sending signatures – crucial components of antivirus software that detect malicious threats. Antivirus vendors frequently send updated signatures to customer machines to ensure customers remain protected against new malware and threats as they are identified.

Without the ability to update signatures for customers in the US, Kaspersky software's effectiveness in detecting threats on those systems will diminish progressively over time.

Kaspersky logo atop its office building in Moscow
Kaspersky logo atop its office building in Moscow. Source: Shutterstock

In an emailed statement to Reuters, Kaspersky claimed that the US decision was driven by "the present geopolitical climate and theoretical concerns, rather than a comprehensive assessment of the integrity of Kaspersky's products and services."

Kaspersky also asserted that its activities do not threaten US national security and indicated that it will explore legal actions to maintain its operations.

Current plans follow the 2022 decision by the US Federal Communications Commission (FCC) to label Kaspersky Lab as a national security threat.

According to Reuters, Kaspersky was the first Russian firm to join the ‘threat list’, first populated with Chinese companies such as Huawei Technologies and ZRE Corp.

The US government banned Kaspersky products from all devices used in government departments back in 2017, citing the threat of spying.

A wave of Kaspersky bans

The wave of bans has risen in Europe as well. In 2022, Poland, Ireland, and the three Baltic states—Lithuania, Latvia, and Estonia—called for an EU-wide ban on Kaspersky software amid growing concerns that Russia might exploit the company’s products in cyber warfare.

Germany's cyber watchdog, BSI, warned against using Kaspersky antivirus amidst Russia's threats against the EU and NATO.

Germany was soon followed by Italy, as the country’s public sector was instructed in 2022 to replace Russian antivirus software to prevent service disruptions.

Protecting Russia’s regime

Kaspersky has faced criticism for continuing to provide its cybersecurity services to clients in Russia, including the country’s Defence Ministry, even as the invasion of Ukraine prompted businesses to exit the country.

Cybernews researchers have discovered that the IP address behind the (the Russian Ministry of Defence) belongs to Kaspersky Labs.

Kaspersky Labs also protects many other high-value domains that the Russian government uses to spread its propaganda, such as the state-owned news agency TASS, the state-owned TV network Russia Today, and GazpromBank.

Researchers speculated that Kaspersky might have some contract where the Russian government hosts their front-facing servers or the Internet through them.

In a written statement to Cybernews, Kaspersky denied that the domain of Russia’s Ministry of Defense is hosted on the company’s infrastructure.