On June 20, 2024, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) Office of Information and Communications Technology and Services (OICTS) made a ‘Final Determination’ banning Kaspersky Lab, Inc., from selling anti-virus software and cyber security products or services to businesses and individuals within the United States or provide updates to software already in use, due to national security concerns uncovered during an extensive investigation. It was known that the Russian government’s capabilities for cyber attacks and control over Kaspersky, made it necessary to enforce the total ban to reduce the risk. The ban also extends to Kaspersky Lab, Inc.’s affiliates, subsidiaries, and parent companies (including Kaspersky Lab, Inc., “Kaspersky’’). Furthermore, BIS included three organizations, AO Kaspersky Lab and OOO Kaspersky Group (Russia), and Kaspersky Labs Limited (United Kingdom), on their ‘Entity List’ for collaborating with Russian military and intelligence agencies to assist the Russian Government’s cyber intelligence goals.
Kaspersky Lab is a Russian multinational cyber security and anti-virus provider founded in 1997 by Eugene Kaspersky, Natalya Kaspersky, and Alexey De-Monderik. The company is headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It operates in 31 countries, servicing users in over 200 countries and territories, provides cyber security and anti-virus products and services to over 400 million users and 270,000 corporate clients globally. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cyber security products and services. As of 2020, Kaspersky was ranked fourth as the largest vendor of antivirus software by revenue.
The Bureau of Industry and Security’s (BIS) role is crucial in enhancing U.S. national security, foreign policy, and economic goals. It is vital in maintaining a strong export control and treaty compliance system and supporting U.S. leadership in key technologies. One of the main objectives of the BIS is to prevent the spread of weapons of mass destruction while also encouraging the expansion of U.S. exports. Moreover, within the BIS is the Office of Information and Communications Technology and Service (OICTS), tasked to investigate whether specific information and communications technology or services transactions within the United States present an excessive or unacceptable threat to national security. Together, these entities work hand-in-hand to safeguard national interests, maintain technological leadership, and bolster economic growth, embodying a harmonious blend of security and prosperity.
Gina Raimondo, Secretary of Commerce, said, “The Biden-Harris Administration is committed to a whole-of-government approach to protect our national security and out-innovate our adversaries. “Russia has shown time and again they have the capability and intent to exploit Russian companies, like Kaspersky Lab, to collect and weaponize sensitive U.S. information, and we will continue to use every tool at our disposal to safeguard U.S. national security and the American people. Today’s action, our first use of the Commerce Department’s ICTS authorities, demonstrates Commerce’s role in support of our national defense and shows our adversaries we will not hesitate to act when they use their technology poses a risk to United States and its citizens.”
The U.S. Government has taken several actions against Kaspersky. In 2017, the Department of Homeland Security (DHS) required federal agencies to remove and discontinue using Kaspersky products. The National Defense Authorization Act (NDAA) for Fiscal Year 2018 also banned the use of Kaspersky by the Federal Government. In March 2022, the U.S. Federal Communications Commission added Kaspersky’s products and services to its list of threats to national security. The Department of Commerce’s ruling is the most recent step taken by the U.S. Government to ensure the national security of U.S. citizens.
Leave a Reply