Pierluigi Paganini June 22, 2024

The Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned twelve Kaspersky Lab executives for their role in the Russian company.

The Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned twelve Kaspersky Lab executives for their role in the Russian company.

All the sanctioned individuals are in executive and senior leadership roles at AO Kaspersky Lab (Kaspersky Lab). 

“Today’s action against the leadership of Kaspersky Lab underscores our commitment to ensure the integrity of our cyber domain and to protect our citizens against malicious cyber threats,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson.  “The United States will take action where necessary to hold accountable those who would seek to facilitate or otherwise enable these activities.”

On June 20, 2024, the Biden administration announced the ban on selling Kaspersky antivirus software due to the risks posed by Russia to U.S. national security. The U.S. government is implementing a new rule leveraging powers established during the Trump administration to ban the sale of Kaspersky software, citing national security risks posed by Russia.

The Commerce Department’s Bureau of Industry and Security banned the Russian cybersecurity firm because it is based in Russia.

Government experts believe that the influence of the Kremlin over the company poses a significant risk, reported the Reuters. Russia-linked actors can abuse the software’s privileged access to a computer’s systems to steal sensitive information from American computers or spread malware, Commerce Secretary Gina Raimondo said on a briefing call with reporters on Thursday.

“Russia has shown it has the capacity and… the intent to exploit Russian companies like Kaspersky to collect and weaponize the personal information of Americans and that is why we are compelled to take the action that we are taking today,” Raimondo said on the call.

TechCrunch reported that the ban will start on July 20, however, the company’s activities, including software updates to its US customers, will be prohibited on September 29.

“That means your software and services will degrade. That’s why I strongly recommend that you immediately find an alternative to Kaspersky,” Raimondo said. 

Raimondo is inviting Kaspersky’s customers to replace their software, it also explained that U.S. clients who already use Kaspersky’s antivirus are not violating the law.

“U.S. individuals and businesses that continue to use or have existing Kaspersky products and services are not in violation of the law, you have done nothing wrong and you are not subject to any criminal or civil penalties,” Raimondo added. “However, I would encourage you in the strongest possible terms, to immediately stop using that software and switch to an alternative in order to protect yourself and your data and your family.”

The Department of Homeland Security and the Justice Department will notify U.S. consumers about the ban. They will also set up a website to provide impacted customers with more information about the ban and instructions on the replacement.

The US cybersecurity agency CISA will notify critical infrastructure operators using Kaspersky software to support them in the replacement of the security firm.

The U.S. Department of Commerce has also added AO Kaspersky Lab, OOO Kaspersky Group (Russia), and Kaspersky Labs Limited (United Kingdom) to the Entity List. The US government speculates the two companies cooperate with Russian military and intelligence authorities in support of the Russian government’s cyber intelligence activities.

The U.S. Department of Commerce has added AO Kaspersky Lab, OOO Kaspersky Group (Russia), and Kaspersky Labs Limited (United Kingdom) to the Entity List. This designation is due to their cooperation with Russian military and intelligence authorities in support of the Russian government’s cyber intelligence activities, which pose risks to U.S. national security and foreign policy interests.

The US government sanctioned the following Kaspersky Lab employees:

• Andrei Gennadyevich Tikhonov (Tikhonov) – Board member and CFO.
• Daniil Sergeyevich Borshchev (Borshchev) – Board member and Deputy CEO of Strategy and Economics
• Andrei Anatolyevich Efremov (Efremov) – Board member and Chief Business Development Officer (CBDO)
• Igor Gennadyevich Chekunov (Chekunov) – Board member Chief Legal Officer (CLO).
• Andrey Petrovich Dukhvalov (Dukhvalov) – Vice President and Director of Future Technologies
• Andrei Anatolyevich Suvorov (Suvorov) – Head of Kaspersky Operating System Business Unit
• Denis Vladimirovich Zenkin (Zenkin) – Head of Corporate Communications
• Marina Mikhaylovna Alekseeva (Alekseeva) – Chief Human Resources (HR) Officer (CHRO)
• Mikhail Yuryevich Gerber (Gerber) – Executive Vice President of Consumer Business 
• Anton Mikhaylovich Ivanov (Ivanov) – Chief Technology Officer (CTO)
• Kirill Aleksandrovich Astrakhan (Astrakhan) – Executive Vice President for Corporate Business
• Anna Vladimirovna Kulashova (Kulashova) – Managing Director for Russia and the Commonwealth of Independent States (CIS)

The individuals listed were designated under Executive Order 14024 for their involvement in the technology sector of the Russian Federation economy.

The company CEO and founder, Eugene Kaspersky, was not sanctioned.

As a result of the sanctions, the U.S. Department of the Treasury’s Office of Foreign Assets Control has frozen all property and interests in property of the designated individuals and entities under U.S. jurisdiction. These assets must be reported to OFAC. Any entities owned 50% or more by one or more blocked persons are also blocked. Transactions involving these blocked persons are generally prohibited unless authorized by OFAC. Additionally, foreign financial institutions facilitating significant transactions with Russia’s military-industrial base risk sanctions by OFAC. OFAC aims to encourage positive behavioral change rather than punishment. For guidance on sanctions and removal from OFAC lists, refer to the OFAC advisory and FAQs.

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, US government)