Kaspersky could face another round of US punishments on national security grounds

Kaspersky Internet Security software
(Image credit: Getty Images)

The US is reportedly considering enforcement action against cyber security firm Kaspersky.


How to build a cyber-resilient business ready to innovate and thrive

Outperform your peers in your successful business outcomes


The news comes a year after Kaspersky was declared a ‘national security risk’ to the US and placed on an FCC blacklist following Russia’s invasion of Ukraine.

What type of enforcement action Kaspersky could receive is currently unknown, but measures typically include cease and desist orders, corrective action directives, prohibition orders, and more.

This means it could potentially be bundled with TikTok in the products under consideration for a nationwide ban.

The US already banned the use of Kaspersky security products across the federal government back in 2017 over concerns that it could aid Russian spying efforts, with or without Kaspersky’s cooperation.

Moscow-headquartered Kaspersky has consistently and vehemently denied the numerous allegations regarding fears it could be used as a spying tool by the Russian government.

It did not reply to ITPro’s request for comment.

Sources speaking to the Wall Street Journal, which first reported the story, did not provide details of when the Biden administration’s decision would be made.

The US Commerce Department’s Bureau of Industry and Security told Reuters that the department “is committed to fully exercising its authorities to protect Americans' sensitive data, and to working with Congress in a bipartisan way to adapt to evolving risks".

Is Kasperksy a national security risk?

Much like the fears surrounding Huawei and ZTE, the national security concerns surrounding Kaspersky are largely theoretical.

At least, no concrete evidence that it has been used for Russian spying has ever been made available to the public.

Nevertheless, Kaspersky could potentially soon face the same restrictions as the aforementioned Chinese firms.

Concerns around Huawei and ZTE started in 2018 after the National Cyber Security Centre (NCSC) said they both presented a national security risk, given their equipment’s heavy presence in the nation’s telecoms network.

This led to an order to rip and replace Huawei’s equipment from said network, favouring other vendors like Nokia and Ericsson.

The US also imposed similar restrictions which, in November 2022, culminated in a blanket ban on sales and imports of Huawei and ZTE products in the country.

Efforts to uproot Chinese telecoms equipment from the US first began during Barrack Obama’s presidency and were continued throughout Donald Trump’s and now Joe Biden’s administrations.

Huawei and ZTE have both strenuously denied the allegations brought against them.

The underlying reasoning for these national security concerns is that the Chinese government could theoretically order companies to relinquish data to authorities, offering no chance for refusal.

This means providers of telecoms equipment could theoretically send data on essentially the entire population of a nation, as well as the businesses operating within its borders.

Kaspersky co-founder, Eugene Kaspersky, has well-known historical ties to Russia’s intelligence services.

Russia has similar government collaboration laws as China in that domestic businesses must comply with orders from the security services (FSB).

Coupled with the alleged ongoing link between the security firm’s co-founder and Russian intelligence, this seemingly presents enough cause to warrant such decisive measures.

In an exclusive interview with ITPro back in 2016, Eugene Kaspersky said that if the company were to discover evidence of state-sponsored spying, it may be forced to remain silent on the matter.

“If it's [found] working for a customer, we must ask ‘’can we disclose this information or not’. If they agree to disclose this information, we do. If not, unfortunately, we must be silent about it,” he said.

“In some cases, we can see there's something anomalous going on ourselves, and we find it and we analyse it, we find the victims and report the victims not directly to the victim, but to the nation's organisation responsible for security so we share the information. But, we share only the pieces of information that are related to that nation, we don't share everything to everyone.”

What’s happened in the Kaspersky story so far?

Eugene Kaspersky co-founded his namesake security firm in 1997 after previously working as a software engineer for the Soviet Ministry of Defence’s intelligence branch.

Accusations of potential collaboration between the company’s CEO and the Kremlin began even before Kaspersky was formed, back in 1994 when the civilian IT firm for which Eugene Kaspersky worked at the time first started winning US contracts, he has previously said.

Ever since, the company has repeatedly denied the allegations that have been brought against it. From turning a blind eye to cyber attacks that benefitted Russia, to appointing a large number of its executives with Russian military or intelligence backgrounds.

One of the key turning points for the company came in 2017 when, in the US, the Trump administration banned the company’s products across federal government IT environments, citing security risks.

Kasperksy tried to appeal the decision but its case ultimately failed.

Eugene Kaspersky said the decision was based on “subjective and non-technical public sources like uncorroborated and often anonymously sourced media reports”.

Months earlier, Bloomberg reported claims that Kaspersky had been working with the Russian intelligence services and had built products for them - more allegations the company’s co-founder branded “unfounded” and “total BS”.

Perhaps the most significant shift in attitude, at least globally speaking, came last year following the Russian invasion of Ukraine.

A Reuters report suggested that the US government started warning domestic companies about the potential risks of running Kaspersky software the day after the invasion.

The US later added the company to the FCC’s blacklist, branding it a national security risk, despite the company officially denouncing the war.

The UK’s NCSC and Germany’s equivalent agency, the BSI, also both separately advised organisations to avoid using Kaspersky’s products, with the latter claiming it could be used to facilitate offensive cyber operations.

Connor Jones

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.