Kaspersky Ban in The US: Compliance Risks And Required Actions

Jorge Farah September 25, 2024
- 18 min read

The United States Government has banned Kaspersky antivirus software. The Commerce Department's prohibition has sent shockwaves through the cybersecurity community, raising critical compliance concerns and demanding swift action from IT infrastructure leaders in the US.

The Biden administration plans were announced on June 20, 2024, and affect Kaspersky Lab, Inc., its affiliates, subsidiaries, and parent companies.

The action alleges "undue or unacceptable national security risk," and as a consequence, the company will no longer be able to sell its software within the United States or provide updates to software already in use."

 

 

September 2024 Update: Kaspersky Replacement by UltraAV 

In September 2024, roughly three months after the announcement, Kaspersky users in the United States were caught off guard when the popular antivirus software unexpectedly replaced itself with UltraAV, a product from a different company.

The switch was done without prior notice of the exact timing or the automatic installation process, despite an earlier announcement.

This situation led to concerns about security and privacy, particularly for organizations that depend on Kaspersky. Here you will find information on how to detect this replacement in your systems.

Kaspersky ban in US: What happened?

The Biden administration, escalating its crackdown on cybersecurity threats, has officially banned the sale and update of all antivirus software products from the Russian firm Kaspersky.

This significant policy shift was announced by Commerce Secretary Gina Raimondo on June 20, 2024, citing deep-seated national security concerns that Kaspersky might collect and weaponize sensitive U.S. information.

Starting September 29, 2024, it will be illegal to sell Kaspersky products in the United States or to provide updates to any existing installations, effectively freezing the company’s operations within the country.

The US ban on Kaspersky, Inc. makes it illegal to sell or update Kaspersky products starting on September 29, 2024.

Further compounding Kaspersky’s challenges, the U.S. Department of Commerce has also added three entities affiliated with Kaspersky — two in Russia and one in the UK — to the Entity List.

This action reflects the administration’s assertion that these units have engaged in activities that compromise or threaten U.S. national security, particularly through alleged collaborations with Russian military intelligence.

Eugene Kaspersky, the founder of Kaspersky Lab, has faced scrutiny over national security risks associated with his company's software, including allegations of leaking private information and ties to the Russian government.

The Commerce Department’s actions are grounded in the perception that Kaspersky’s operations could be influenced or directly controlled by the Russian government, thereby posing an unacceptable risk to the security of U.S. infrastructures.

In a firm rebuttal, Kaspersky has denied any wrongdoing or ties to the Russian government and has vowed to challenge these restrictions through all available legal avenues.

This ban is not the first action taken against Kaspersky; the U.S. Department of Homeland Security had already prohibited the use of Kaspersky’s flagship antivirus products in federal networks back in 2017, citing similar security concerns.

The impact of this new ban extends beyond the federal level, urging all U.S. citizens and businesses to discontinue their use of Kaspersky products and to transition to alternative providers to safeguard against potential security breaches and ensure compliance with national security directives.

Implications of the use of Kaspersky software for US companies

The ban on Kaspersky antivirus software places stringent demands on U.S. companies, aligning them with a comprehensive framework designed to safeguard national security interests.

This prohibition also scrutinizes the company's activities, including roles such as Chief Operating Officer and Chief Business Development Officer. Governed by the Department of Commerce’s Bureau of Industry and Security (BIS), the implications extend through the realms of Export Administration Regulations (EAR) and beyond.

Existing customers of Kaspersky are allowed to receive software and antivirus updates until September 29, after which they are encouraged to transition to new security solutions to protect their data and privacy.

As of June 2024, Kaspersky.com receives over 750,000 visits from US users, according to traffic intelligence company Semrush. This is a 50% decrease from its peak in January 2023. Additionally, it is reported that its brand (including "Kaspersky," "Kapersky," and other common typos) is searched over 70,000 times a month.

kaspersky us traffic

Laws and regulations impacting compliance

The EAR specifically includes the Entity List and enforces conditions under which U.S. companies must operate. These regulations mandate that before exporting, re-exporting, or transferring listed items, companies must obtain specific licenses.

This ensures that sensitive technologies do not inadvertently benefit entities that could pose a national security threat. The Russian government's influence over Russian companies like Kaspersky presents significant risks to U.S. national security.

Furthermore, the National Defense Authorization Act (NDAA), under Section 889, prohibits federal agencies from dealing with any entity that uses telecommunications and surveillance equipment produced by listed entities. The Federal Acquisition Regulation (FAR) complements this by guiding federal procurement processes to avoid contracts with these entities, thereby reinforcing the NDAA’s stipulations. Intelligence authorities played a crucial role in the decision to ban Kaspersky due to these national security concerns.

Additionally, the Cybersecurity Information Sharing Act (CISA) plays a pivotal role by promoting the exchange of cybersecurity threat information, which might include interactions involving listed entities. The Commerce Department and parent companies are involved in the regulatory actions to ensure compliance and mitigate risks.

Broad industry impact

The ripple effect of these regulations is profound, touching various pivotal industries:

  • Technology and Telecommunications: These sectors are at the forefront, needing to ensure that no technology or equipment breaches the stipulated guidelines.
  • Defense and Aerospace: Here, the focus is on stringent adherence to avoid any export control violations that could compromise national security.
  • Semiconductors and Electronics: This sector must navigate the complexities of export controls to maintain seamless operations across global supply chains.
  • Energy and Utilities: With the emphasis on securing critical infrastructure, these industries are regulated to prevent any procurement of technologies that could pose security risks.
  • Healthcare and Pharmaceuticals: Involvement with sensitive technologies and data mandates compliance with export controls to avoid any breaches.
  • Financial Services: This sector’s compliance is crucial in ensuring secure financial transactions and robust cybersecurity measures.

The United States presented a national security risk due to the potential for exploit Russian companies like Kaspersky, which could lead to data theft, espionage, and system malfunction.

Navigating compliance

To navigate this complex regulatory landscape, companies are taking proactive measures:

  • Vendor screening: Rigorous due diligence is essential to ensure no listed entities are inadvertently engaged.
  • Licensing: Securing the necessary licenses for transactions involving listed entities is crucial.
  • Internal controls: Robust internal compliance programs are implemented to monitor adherence to these regulations continuously.
  • Training and Awareness: Regular training sessions are conducted to keep employees informed about the critical importance of these regulations and their role in compliance.
 

 

Alternatives to Kaspersky software

As companies in the United States transition away from Kaspersky software to stay compliant with federal regulations, several reputable cybersecurity vendors offer viable alternatives.

Here is a comparison chart detailing some of the leading cybersecurity software providers, their products, and their countries of origin. If you need a bit more information, check out this guide on Kaspersky software alternatives!

Vendor Cybersecurity Products Country of Origin
Malwarebytes Anti-Malware, Anti-Exploit, Anti-Ransomware USA
Trend Micro Maximum Security, Internet Security, Antivirus+ Japan
McAfee Total Protection, LiveSafe USA
Sophos Intercept X, Sophos Home UK
Microsoft Defender, Azure Security Center USA
Avast Avast One, Avast Premium Security Czech Republic
AVG Technologies AVG Internet Security, AVG Ultimate Czech Republic
ESET NOD32, Smart Security Premium Slovakia
CrowdStrike Falcon Prevent, Falcon Insight USA
Symantec Norton 360, Symantec Endpoint Protection USA
Bitdefender Total Security, Internet Security Romania
SentinelOne Singularity XDR Platform USA
Cylance Inc. CylancePROTECT, CylanceOPTICS USA
Support.com SUPERAntiSpyware, Cosmos USA
Qihoo 360 Technology Co. Ltd 360 Total Security China
Palo Alto Networks Prisma Access, Cortex XDR USA
ByteFence ByteFence Anti-Malware USA
Digitalcom Secure Firewall, Threat Protection Unknown
Avira Avira Antivirus Pro, Internet Security Germany
Panda Security Panda Dome, Panda Advanced Protection Spain
Ivanti Security Controls, Patch Management USA
Adaware Adaware Antivirus, Web Companion Canada

This list represents a broad spectrum of options across different geographical origins, ensuring that businesses can choose solutions that align with their specific security needs and compliance requirements.

Each of these companies provides a suite of products designed to protect against a wide range of cyber threats, from malware and phishing to advanced persistent threats and ransomware.

When selecting a Kaspersky alternative provider, it's essential for businesses to consider not only the product's features but also the provider's compliance with international standards and their reputation in the cybersecurity community.

 

How to control the use of Kaspersky software in your organization

As organizations navigate the complexities of compliance with U.S. government regulations concerning Kaspersky software, identifying and managing its usage becomes crucial.

An effective way to ensure your organization remains compliant is by utilizing Asset Management tools such as InvGate Asset Management. These solutions offer capabilities that can be pivotal in monitoring and controlling the use of prohibited software.

Let's take a look at what it can do for you in this particular scenario.

1. Identifying Kaspersky software

InvGate Asset Management’s Software Compliance module combines data from the contracts logged on your instance with the reported software usage.

InvGate Asset Management's complete IT asset inventory provides you with a complete overview of all software installed across your organization. In particular, with our Software Compliance module, you can easily identify all the Kaspersky licenses installed in your network.

This is a crucial step in ensuring that no remnants of the software remain undetected, which could potentially lead to compliance issues.

2. Removing Kaspersky Labs software

software-deployment-on-invgate-insight-new-plan

Once you identified all Kaspersky, Inc. licenses in your IT infrastructure, InvGate Asset Management's Software Deployment module allows you to uninstall them in bulk.

All you have to do is run a script to remove Kaspersky Lab software from your security perimeter, and that's it!

3. Installing the Kaspersky alternative

Same as you uninstalled the Kaspersky antivirus, you can deploy its replacement by running a script on all your device inventory. This way, you can be back in compliance in no time, and without manual effort.

4. Setting up alerts and reports

Lastly, to remain compliant with the US Kaspersky ban, you can set up monitoring alerts to be in the loop as soon as the antivirus is back in your network. In addition, you can customize a dashboard to detail the discovery, usage, and removal of any type prohibited software.

In doing so, you can act upon the issue as soon as it appears, avoiding compliance risks and ensuring adherence to the latest regulations.

In conclusion

The US ban on Kaspersky software starts running on September 29, 2024, and implies that the firm can no longer sell or update their products within the US.

If your organization still uses Kaspersky as its antivirus, we recommend you start looking for alternatives now to address this non-compliance issue as soon as possible.

If you want to see how InvGate Asset Management can help you do the antivirus swap, ask for our 30-day free trial and test it!

Frequently Asked Questions

Does Kaspersky work in USA?

For now, it does. But, as from September 29, 2024, the U.S. government announced that it will be illegal to sell Kaspersky products in the country or to provide updates to any existing installations.

Is Kaspersky safe to use in USA? 

The United States government states that the Russian-owned firm Kaspersky poses "undue or unacceptable national security risk," particularly in relation to alleged collaborations with Russian military intelligence.

For this reason, the Commerce Department banned the sale and update of all antivirus in the country, starting in September 29, 2024.

Is Kaspersky still a Russian company?

Yes, Kaspersky is a Russian-owned company. It is headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom.

Why did the U.S. government ban Kaspersky?

The U.S. government banned Kaspersky because it considers that the company poses national security risks due to allegations of leaking private information and ties to the Russian government and military services.

Should I delete Kaspersky? 

If your organization or company is based in the U.S., you should delete all Kaspersky products before September 29, 2024, as it will be illegal to operate their products in the country.

Which countries banned Kaspersky?

The U.S. banned Kaspersky products and updates in the whole country as from September 29, 2024.

Read other articles like this : Cybersecurity, Security