Kaspersky Lab shuts down US operations in wake of national security ban

Russian security firm Kaspersky Lab has informed its employees in the United States that the company will begin winding down its US operations starting July 20, according to a report from Zero Day.

The company’s decision comes after the US Department of Commerce chose in June to ban the sale of Kaspersky Lab’s software in the country after what the agency described as a “lengthy and thorough investigation, which found that the company’s continued operations in the United States presented a national security risk.”

All US-based Kaspersky positions will be eliminated as a result of the ban, Kaspersky officials told Zero Day.

So far, no specifics have been revealed as to what the US Department of Commerce’s review discovered, but according to the Bureau of Industry and Security (BIS), which conducted the review, “the Russian Government’s offensive cyber capabilities and capacity to influence or direct Kaspersky’s operations … could not be addressed through mitigation measures short of a total prohibition.”

BIS reviewed Kaspersky’s cybersecurity and antivirus transactions under Executive Order 13873 and 15 C.F.R. Part 7. At issue is the possibility that either Kaspersky or the Russian government could use the company’s software to spy on American customers or sabotage systems. The US Department of Commerce is also urging people and businesses with existing Kaspersky products to switch to other products to protect themselves.

According to the edict, US companies have until 29 September to stop using Kaspersky’s antivirus software and services. US CISO’s face difficult choices and must act quickly to comply.

As Tim Crawford, founder of research and advisory firm Avoa, told CSO: “You have to move quickly, don’t wait or take a chance to get close to that October deadline, because those non-updated systems will become fully vulnerable, and hackers are lying in wait for you.”

Kaspersky Lab’s software has previously been available for purchase in the US since 2005. However, in 2017, the US Department of Homeland Security ruled that federal agencies could no longer have Kaspersky’s software installed on their systems. In 2018, the software was also banned from US military systems.

“The company has carefully reviewed and evaluated the effects of the US legal requirements and made this sad and difficult decision because the business opportunities in the country are no longer sustainable,” Kaspersky Lab wrote in a statement.