Following the recent US Commerce Department’s decision to prohibit the sale of Kaspersky software in the U.S. due to concerns about the company’s Russian ties posing a potential risk to U.S. national security, Kaspersky has revealed plans to gradually scale back its operations in the U.S. starting from July 20. This comes after the Biden administration’s recent announcement to restrict the company’s sales within the country.
In addition to Kaspersky’s requirement to comply with Russian laws, the department stated in a ruling dated June 14 that the software could potentially be used to access sensitive information of U.S. citizens and share it with Russian government entities. You can read about the decision.
Kaspersky vigorously refuted any claims of being a security threat. Responding on June 21 to the Commerce Department’s ruling, the company stated that it does not intentionally collect sensitive data on Americans. It emphasized that its operations and staff in Russia can only access aggregated or statistical data that cannot be linked to specific individuals.
Furthermore, the company contended that the government’s decision was influenced by “geopolitical climate and theoretical concerns” rather than conducting an independent risk assessment. Kaspersky argued that the U.S. decision would aid cybercriminals and limit consumer options.
Despite considering Kaspersky’s objections to the initial investigation findings, the department maintained that the ban on its software was well-founded.
Kaspersky is eliminating all positions in the U.S. and temporarily disabled product purchases on its website stating “purchase unavailable for U.S. customers”.
It raises numerous questions… Is this beneficial or detrimental to cybersecurity? Where will it end? Which country will be affected next? Will nations using Kaspersky face challenges in their dealings with the U.S.? Are we likely to witness an increase in cyber breaches? Could this lead to a fragmented approach to cybersecurity, forcing countries to take sides? How will the exchange of cyber threat information be affected? What are the potential long-term repercussions? It seems like a good day for competitors who can now scoop up the remaining Kaspersky customers and recruit those who may lose their jobs.