Biden Administration To Ban US Sales Of Kaspersky Software – Report

The Biden Administration is reportedly set to increase the pressure on Moscow-based Kaspersky Lab, over its links to Russia.

Reuters, citing a person familiar with the matter, reported that the Biden Administration on Thursday will announce plans to bar the sale of Kaspersky Lab’s antivirus software in the United States.

The move comes amid US concern about Kaspersky Lab’s large customers in America, including critical infrastructure providers, as well as state and local governments.

Entity list

Reuters reported that Kaspersky Lab’s close ties to the Russian government were found to pose a critical risk, with the Reuters source adding that the software’s privileged access to a computer’s systems could allow it to steal sensitive information from American computers, install malware or withhold critical updates.

The sweeping new rule will apparently utilise broad powers created by the Trump administration, and will be coupled with another move to add the company to a trade restriction list, according to two other people familiar with the matter.

The plan to add the cybersecurity company to the US entity list, which effectively bars a company’s US suppliers from selling to it, and the timing and details of the software sales prohibition, have not been previously reported, Reuters noted.

A spokesperson for the Commerce Department declined to comment, while Kaspersky Lab and the Russian Embassy did not respond to requests for comment, Reuters reported.

Kaspersky for its part has always maintained that it is a private firm with no ties to the Russian government.

The firm has even previously offered its source code for inspection by the US government.

According to the Reuters report however, the US ban shows the Biden administration is trying to stamp out any risks of Russian cyberattacks stemming from Kaspersky software.

The move is also reportedly designed to keep squeezing Moscow and the Putin regime, amid its illegal war in Ukraine.

New tools

According to Reuters, the move also shows the Biden administration is harnessing a powerful new authority that allows it to ban or restrict transactions between US firms and internet, telecom and tech companies from “foreign adversary” nations like Russia and China.

The tools are largely untested, Reuters noted.

Former President Donald Trump used them to try to bar Americans from using Chinese social media platforms TikTok and WeChat, but federal courts halted the moves.

The US restrictions on inbound sales of Kaspersky software, would also ban downloads of software updates, resales and licensing of the product, and would kick in on 29 September 2024, 100 days after publication, to give businesses time to find alternatives, Reuters reported.

New US business for Kaspersky will be blocked 30 days after the restrictions are announced.

Sales of white-labeled products – that integrate Kaspersky into software sold under a different brand name – will also be barred, the source told Reuters, noting that the Commerce Department will notify the companies before enforcing.

At the time of writing there has been little public response from Kaspersky Lab, or from its CEO and founder Eugene Kaspersky.

Kaspersky Lab

Kspersky Lab has been firmly in the crosshairs of Western security agencies and governments for the past seven years now.

In 2017 the Department of Homeland Security banned Kaspersky antivirus from US federal networks, alleging ties to Russian intelligence and warning that Russian law could allow Putin’s intelligence agencies to compel assistance from Kaspersky.

The FBI also reportedly advised a wide range of private firms not to use Kaspersky’s products and some US retailers, such as Best Buy, removed them from shelves.

The same year the UK’s National Cyber Security Centre (NCSC) also warned British government departments not to use antivirus products with links to Russia for systems related to national security and those which were “critically important”.

And then Russia’s President Putin opted to illegally invade Ukraine in February 2022.

Reuters noted that this triggered the US government to privately warn some American companies that Moscow could manipulate software designed by Kaspersky to cause harm.

In May 2022 the Biden Administration elevated the priority of a national security probe into Kaspersky Lab, amidst heightened fears of cyber-attacks due to the conflict in the Ukraine.

In March 2022, following the Ukraine invasion, Germany’s cyber-security authority, the Federal Office for Information Security (BSI), issued an official warning against using Kaspersky products due to threats made by Russia’s President Vladimir Putin against the EU, NATO and Germany.