Kaspersky says it can continue to sell cyber threat intelligence in spite of US ban

The US Department of Commerce’s Bureau of Industry and Security (BIS) has banned Kaspersky Lab from directly or indirectly providing antivirus software and cyber security products or services, meaning Kaspersky will be prohibited from conducting or participating in certain information and communication technology service transactions in the US.

“The Russian Government has proven that it has the capability and intent to exploit Russian companies like Kaspersky to collect sensitive US personal information and compromise the systems and networks that use these products,” said Elizabeth Cannon, executive director of the Office of Information and Communications Technology and Services (ICTS). “The Department of Commerce stands ready to assist US businesses and individual consumers across the country to respond appropriately to today’s action.”

BIS also added three entities – AO Kaspersky Lab and OOO Kaspersky Group (Russia), and Kaspersky Labs Limited (UK) – to the Entity List for their cooperation with Russian military and intelligence authorities in support of the Russian government’s cyber intelligence objective.

“The Biden-Harris administration is committed to a whole-of-government approach to protect our national security and out-innovate our adversaries,” said secretary of commerce Gina Raimondo.

“Russia has shown time and again they have the capability and intent to exploit Russian companies, like Kaspersky Lab, to collect and weaponise sensitive US information, and we will continue to use every tool at our disposal to safeguard US national security and the American people,” she said. “Today’s action, our first use of the Commerce Department’s ICTS authorities, demonstrates Commerce’s role in support of our national defence and shows our adversaries we will not hesitate to act when they use technology that poses a risk to the United States and its citizens.”

Responding to the ban, Kaspersky said: “The decision does not affect the company’s ability to sell and promote cyber threat intelligence offerings and/or trainings in the US. Despite proposing a system in which the security of Kaspersky products could have been independently verified by a trusted third party, Kaspersky believes that the Department of Commerce made its decision based on the present geopolitical climate and theoretical concerns, rather than on a comprehensive evaluation of the integrity of Kaspersky’s products and services.

“Kaspersky does not engage in activities which threaten US national security and, in fact, has made significant contributions with its reporting and protection from a variety of threat actors that targeted US interests and allies. The company intends to pursue all legally available options to preserve its current operations and relationships.”

Kaspersky is used both in the enterprise and by home users. It recently revamped its business-to-business product range with a new suite, Kaspersky Extended Detection and Response (XDR). At the time, its chief technology officer, Anton Ivanov, described the suite as a reinvention of the company’s corporate product offerings. “Today we are launching our market-leading XDR and reinventing our corporate product offering, as we embark on a new chapter of our history as a B2B vendor,” he said.

Kaspersky has had a number of high-profile sponsorship deals, such as Formula 1 team Ferrari in 2010 and DS Virgin Racing in 2017. In spite of signing another  multi-year deal in 2021, Ferrari suspended the partnership in 2022 due to the war in Ukraine.

Among its customer references in the UK is Proband Group, which provides IT products and managed services to more than 3,500 customers, predominantly small and medium-sized enterprises in the West Midlands and public sector organisations throughout the UK.