The Biden administration has announced a ban on the sale of Kaspersky antivirus software in the United States starting in July. According to Reuters and a filing by the US Department of Commerce (PDF), the action is rooted in national security concerns.
The US government believes that software from Moscow-based Kaspersky Lab poses a risk due to potential misuse by the Russian government. This includes the possibility of installing malware, blocking security updates, and exploiting the personal information of American citizens, as explained by Commerce Secretary Gina Raimondo. She emphasized the evolving nature of national security threats, which now heavily depend on technology and data (Wired).
The ban will come into effect around July 24, 2024, giving US businesses and consumers 30 days to comply. Current users will have a 100-day grace period to continue using and updating the software, allowing for a transition to alternative security solutions. The ban extends to rebranded products that incorporate Kaspersky’s technology.
The decision follows a two-year investigation by the Department of Commerce, leveraging authority derived from a 2018 national defense authorization act signed during the Trump administration (Reuters). This move reflects years of apprehension across multiple US administrations regarding Kaspersky’s alleged ties to Russian intelligence agencies. In 2017, Kaspersky software was barred from federal systems, and in 2022, the Federal Communications Commission designated Kaspersky a security threat, blocking federal funding but not consumer sales (Ars Technica).
Kaspersky has consistently denied the allegations. CEO Eugene Kaspersky labelled the concerns as politically motivated in 2017, and the company has reiterated that there is no technical basis for the US government’s claims, arguing that the decisions are politically driven.