Kaspersky To Shutter US Operation After National Security Ban

Kaspersky is withdrawing from the United States, after it was effectively banned from selling new products in the country on national security grounds.

Moscow-based Kaspersky Lab has confirmed it will begin closing down its operations in the United States from Saturday 20 July 2024 – a development first reported by independent cybersecurity journalist Kim Zetter.

It comes after the US Department of Commerce’s Bureau of Industry and Security (BIS) had announced in June that it was “prohibiting Kaspersky Lab, Inc., the US subsidiary of a Russia-based anti-virus software and cybersecurity company, from directly or indirectly providing anti-virus software and cybersecurity products or services in the United States or to US persons.”

National security

That US ban was a result of concern about Kaspersky Lab’s large customers in America, including critical infrastructure providers, as well as state and local governments.

US officials worry that those customers using Kaspersky software are vulnerable to Russia’s cyber operations.

The US ban begins on 29 September 2024, and any existing US customers will see their Kaspersky antivirus software become gradually less effective, as the Russian firm will not be able to update the software with signatures to detect new threats as they are discovered.

Kaspersky also has a British holding company and US operations in Massachusetts, but BIS said it had added three entities – AO Kaspersky Lab and OOO Kaspersky Group (Russia), and Kaspersky Labs Limited (United Kingdom) – to the Entity List for their co-operation with Russian military and intelligence authorities in support of the Russian Government’s cyber intelligence objectives.

And now this week the Russian company has confirmed that it will shutter its US operations, and will lay-off its US-based employees, which according to journalist Kim Zetter will affect “less than 50 employees in the US.”

“Kaspersky has been operating in the US for close to 20 years, contributing to the nation’s strategic cybersecurity goals by safeguarding organisations and individuals in the country from ever-evolving cyberthreats,” Kaspersky was quoted as saying.

“The company has carefully examined and evaluated the impact of the US legal requirements and made this sad and difficult decision as business opportunities in the country are no longer viable,” it added.

Kaspersky denial

Kaspersky for its part has always maintained that it is a private firm with no ties to the Russian government.

The firm has previously offered its source code for inspection by the US government.

Kaspersky has also stated the US government decision was based on the “geopolitical climate and theoretical concerns” rather than independently verifying risk.

Western restrictions

But there is no doubt that Kaspersky Lab has been firmly in the crosshairs of Western security agencies and governments for the past seven years.

In 2017 the Department of Homeland Security banned Kaspersky antivirus from US federal networks, alleging ties to Russian intelligence and warning that Russian law could allow Putin’s intelligence agencies to compel assistance from Kaspersky.

The FBI also reportedly advised a wide range of private firms not to use Kaspersky’s products and some US retailers, such as Best Buy, removed the products from its shelves.

The same year the UK’s National Cyber Security Centre (NCSC) also warned British government departments not to use antivirus products with links to Russia for systems related to national security and those which were “critically important”.

And then Russia’s President Putin opted to illegally invade Ukraine in February 2022, which prompted the US government to privately warn American companies that Moscow could manipulate software designed by Kaspersky to cause harm.

In May 2022 the Biden Administration elevated the priority of a national security probe into Kaspersky Lab, amidst heightened fears of cyberattacks due to the conflict in the Ukraine.

In March 2022, following the Ukraine invasion, Germany’s cyber-security authority, the Federal Office for Information Security (BSI), issued an official warning against using Kaspersky products due to threats made by Russia’s President Vladimir Putin against the EU, NATO and Germany.