Russian cybersecurity software company Kaspersky’s days of operation in the United States are now officially numbered.
The Biden administration said Thursday that it will prohibit the company from selling its products to new US-based customers starting July 20, and that the company will only be able to provide software updates to existing customers until September 29. . The ban, the first such action under authorities given to the Commerce Department in 2019, follows years of warnings from the US intelligence community that Kaspersky was a national security threat because Moscow allegedly could Take over your all-seeing antivirus software to spy on your clients.
“When you think about national security, you might think about guns, tanks and missiles,” Commerce Secretary Gina Raimondo told reporters during a briefing Thursday. “But the truth is, increasingly, it’s about technology, dual-use technology and data.”
The United States conducted an “extremely thorough” investigation of Kaspersky and explored “all options” to mitigate its risks, Raimondo said, but officials decided on an outright ban “given the Russian government’s continued offensive cyber capabilities and its ability to influence in Kasersky operations.
The Kaspersky ban represents the latest rift in relations between the United States and Russia, as the latter country remains locked in a brutal war with Ukraine and takes other steps to threaten Western democracies, including testing a jet-powered anti-satellite weapon. nuclear and the formation of a strategic alliance. with North Korea. But the ban could also immediately complicate business operations for U.S. companies that use Kaspersky software, which will lose updated antivirus definitions critical to blocking malware in just three months.
The Biden administration knows approximately how many customers Kaspersky has in the US, but government lawyers have determined that this information is proprietary commercial information and cannot be published, according to a Commerce Department official, who briefed reporters on condition of anonymity to discuss a sensitive topic. affair. The official said the “significant number” of U.S. customers include state and local governments and organizations that supply critical infrastructure such as telecommunications, energy and healthcare.
Raimondo sent a message to Kaspersky’s American customers on Thursday: “You have done nothing wrong and are not subject to any criminal or civil sanctions. However, I encourage you, in the strongest terms possible, to stop using that software immediately and switch to an alternative to protect yourself, your data, and your family.”
Commerce will work with the Homeland Security and Justice departments to “spread this message” and “ensure a smooth transition,” including through a website explaining the ban, Raimondo said. “We certainly don’t want to disrupt any American’s businesses or families.”
DHS’s Cybersecurity and Infrastructure Security Agency will contact critical infrastructure organizations that use Kaspersky to inform them of suspected national security risks and “help them identify alternatives,” the Commerce Department official said.
Kaspersky has consistently denied being a national security risk or an agent of the Kremlin. The company did not immediately respond to a request for comment on the new nationwide ban. But since Kaspersky has in the past resorted to litigation to defend itself, Thursday’s announcement could spark another lawsuit that sets a high-stakes legal test for the Commerce Department’s national security powers.
