Pierluigi Paganini June 20, 2024

The US government announced the ban on selling Kaspersky software due to security risks from Russia and urged citizens to replace it.

The Biden administration announced it will ban the sale of Kaspersky antivirus software due to the risks posed by Russia to U.S. national security. The U.S. government is implementing a new rule leveraging powers established during the Trump administration to ban the sale of Kaspersky software, citing national security risks posed by Russia.

The Commerce Department’s Bureau of Industry and Security banned the Russian cybersecurity firm because it is based in Russia.

Government experts believe that the influence of the Kremlin over the company poses a significant risk,, reported the Reuters. Russia-linked actors can abuse the software’s privileged access to a computer’s systems to steal sensitive information from American computers or spread malware, Commerce Secretary Gina Raimondo said on a briefing call with reporters on Thursday.

“Russia has shown it has the capacity and… the intent to exploit Russian companies like Kaspersky to collect and weaponize the personal information of Americans and that is why we are compelled to take the action that we are taking today,” Raimondo said on the call.

This isn’t the first time that Western governments have banned Kaspersky, but the Russian firm has always denied any link with the Russian government.

Reuters reported that the U.S. government plans to add three units of the cybersecurity company to a trade restriction list. The move will significantly impact the company’s sales in the U.S. and potentially in other Western countries that may adopt similar restrictions against the security firm.

TechCrunch reported that the ban will start on July 20, however, the company’s activities, including software updates to its US customers, will be prohibited on September 29.

“That means your software and services will degrade. That’s why I strongly recommend that you immediately find an alternative to Kaspersky,” Raimondo said. 

Raimondo is inviting Kaspersky’s customers to replace their software, it also explained that U.S. clients who already use Kaspersky’s antivirus are not violating the law.

“U.S. individuals and businesses that continue to use or have existing Kaspersky products and services are not in violation of the law, you have done nothing wrong and you are not subject to any criminal or civil penalties,” Raimondo added. “However, I would encourage you in the strongest possible terms, to immediately stop using that software and switch to an alternative in order to protect yourself and your data and your family.”

The Department of Homeland Security and the Justice Department will notify U.S. consumers about the ban. They will also set up a website to provide impacted customers with more information about the ban and instructions on the replacement.

The US cybersecurity agency CISA will notify critical infrastructure operators using Kaspersky software to support them in the replacement of the security firm.

In March 2022, the US Federal Communications Commission (FCC) added multiple Kaspersky products and services to its Covered List saying that they pose unacceptable risks to U.S. national security.

The Covered List, published by Public Safety and Homeland Security Bureau published, included products and services that could pose an unacceptable risk to the national security of the United States or the security and safety of United States persons.

In March 2022, the German Federal Office for Information Security agency, aka BSI, also recommended consumers uninstall Kaspersky anti-virus software. The Agency warns the cybersecurity firm could be implicated in hacking attacks during the ongoing Russian invasion of Ukraine.

According to §7 BSI law, the BSI warns against using Kaspersky Antivirus and recommends replacing it asap with defense solutions from other vendors.

The alert pointed out that antivirus software operates with high privileges on machines and if compromised could allow an attacker to take over them. BSI remarks that the trust in the reliability and self-protection of a manufacturer as well as his authentic ability to act is crucial for the safe use of any defense software. The doubts about the reliability of the manufacturer, lead the agency in considering the antivirus protection offered by the vendor risky for the IT infrastructure that uses it.

BSI warns of potential offensive cyber operations that can be conducted with the support of a Russian IT manufacturer, it also explains that the vendor could be forced to conduct attacks or be exploited for espionage purposes without its knowledge.

The United States banned government agencies from using Kaspersky defense solutions since 2017, The company rejected any allegation and also clarified that Russian policies and laws are applied to telecoms and ISPs, not security firms like Kaspersky.

In June 2018, the European Parliament passed a resolution that classifies the security firm’s software as “malicious” due to the alleged link of the company with Russian intelligence.

Some European states, including the UK, the Netherlands, and Lithuania also excluded the software of the Russian firm on sensitive systems.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, cyberespionage)