August 9, 2024 By Doug Bonderud

The shift started in 2017 with a Department of Homeland Security (DHS) ban on using Kaspersky products on any government computer systems. Now, the Department of Commerce has given the company a final push to leave the United States.

As of July 20, 2024, Kaspersky is “prohibited from entering into any new agreement with U.S. persons involving one or more information and communications technology (ICTS) transactions,” and as of September 30, 2024, they can no longer provide antivirus signature or codebase updates.

Put simply, time’s up for the Russia-based security firm. But what (if anything) does this mean for U.S. organizations?

2017: Frustrating foreign interference

2016 was a tough year for federal cybersecurity, prompting serious concerns about foreign interference in U.S. political affairs.

Concerns led to investigations, which led the DHS to ban the use of Kaspersky products on any federal computers. In September 2017, agencies were told they had 90 days to remove all Kaspersky products from their systems. Some large private companies, such as Best Buy, also chose to follow suit, marking the start of a slow decline in Kaspersky solution use.

The company itself firmly denied any foreign influence, arguing that no credible evidence was presented and that accusations were based on false assumptions.

2024: Unacceptable security risk

2024 saw the Department of Commerce take the Kaspersky censure a step further. A statement from the company says that the decision “was based on the geopolitical climate rather than on the evaluation of the integrity of the company’s solutions, and deprives U.S. users and companies of best-in-class protection.”

From the perspective of the DoC, Kaspersky products represent risk because they could be used to collect and store information about U.S. citizens — information that could then be passed to foreign actors or governments. While this is true of any solution owned and operated by an international organization, the Department of Commerce highlighted the need for Kaspersky to follow Russian laws in its business operations, laws that could potentially put U.S. companies and citizens at risk.

According to the decision, “Kaspersky’s global virus scanning operation puts it at the forefront for identifying new vulnerabilities in existing software, providing it with significant non-public information for ways to exploit certain versions of software, as well as a list of devices that run that software. This capability, if leveraged by the Russian government, greatly enhances its ability to conduct cyber espionage and to steal sensitive data.”

Potential impacts on the U.S. cybersecurity market

While Kaspersky products remain popular worldwide, they don’t top the antivirus charts in the United States. According to recent research, paid tools such as Norton and McAfee capture significantly more market share than Kaspersky, while built-in defensive tools such as Microsoft Defender are also gaining ground.

In part, Kaspersky’s falling star was likely tied to the 2017 decision. Although it didn’t prevent private organizations from using Kaspersky products, companies looking to work with government agencies were better served using other solutions to meet evolving federal standards.

It is worth noting that Kaspersky’s research teams are well-known for finding and exposing hacker groups, making them a valuable part of the overall security landscape. The shift off U.S. soil won’t affect this work, however, meaning U.S. businesses can still benefit from it.

Will this decision affect private enterprise operations?

Bottom line? After the 2017 decision, Kaspersky’s days were numbered. Regardless of its affiliation (or lack thereof) with the Russian government, the company posed a potential risk to U.S. national cybersecurity. While its departure reduces market choice, the sheer number of available antivirus tools combined with the falling popularity of Kaspersky products in the United States means the Department of Commerce’s decision should have minimal impact on private enterprise operations.
