Why The US Government Banned Kaspersky, One Of The Biggest Anti-Virus Tools

The U.S. government has banned Kaspersky, the popular anti-virus software, over national security risks. The determination was issued by the Office of Information and Communications Technology and Services (OICTS) — part of the Department of Commerce's Bureau of Industry and Security (BIS). Once the order comes into effect, any resale, integration, or licensing of Kaspersky cybersecurity products will be prohibited on U.S. soil.

In its statement, the BIS cites the Russian government's offensive cyber capabilities and its potential to exert pressure on or control Kaspersky's operations as key reasons behind the move, mirroring similar concerns for Chinese companies.

Aside from Russia's status as a foreign adversary and the risks to national security, the order mentions that "Kaspersky software allows for the capability and opportunity to install malicious software and withhold critical updates." As well as the ban on Kaspersky's anti-virus software, the government is also putting three Kaspersky brands on the Entity List, a register of individuals or organizations that are deemed a national security threat and are subject to trade restrictions.

The list includes such names as China's Huawei and Israel's NSO Group, the maker of the infamous Pegasus spyware that can exfiltrate information from a target's phone with a zero-click model. This won't be the first rodeo of its kind for Kaspersky. Back in 2017, the Department of Homeland Security ordered a ban on the use of its anti-virus and cybersecurity software for U.S. federal agencies over similar concerns in the context of Russian interference.

I am a Kaspersky user. What now?

The Department of Commerce says it took the decision to ban Kaspersky after a "lengthy and thorough investigation" assessing the risks. The order will be implemented in two phases. Starting July 20, 2024, Kaspersky will be stopped from entering into a new sales agreement with an individual or company covering any of its cybersecurity or antivirus software.

If you have Kaspersky tools installed on your computer, they won't stop working, technically speaking. However, starting September 29, 2024, Kaspersky will also be prohibited from issuing any "anti-virus signature updates and codebase updates" for its software. Once that comes into effect, Kaspersky software will no longer be able to handle new risks that emerge, because the anti-virus tools haven't been updated to tackle those threats. 

In a nutshell, the Kaspersky toolkit will be rendered ineffective and would essentially be an open invitation for hackers and bad actors. The U.S. government has only given a grace period of roughly three months because customers, both individuals and organizations, might need extra time to switch to another cybersecurity product. For that buffer period, the Russian company will be allowed to operate the Kaspersky Security Network (KSN) in the U.S.

However, we suggest that users with Kaspersky software installed on their devices should make haste and not wait for the deadline. That's because there's a tangible chance of bad actors doubling down on targeting Kaspersky software in a last-ditch effort to cause damage and steal valuable information, among other nuisances.