In 2017, Kaspersky Antivirus Software, developed in Russia, was labeled an unacceptable risk to US national security, leading to a complete ban from federal agencies by 2018. In 2022, Kaspersky was also added to the US Federal Communications Commission’s blacklist.
Although federal funds could no longer be used to purchase Kaspersky products, individuals and private businesses were still allowed to buy licenses. However, this is about to change with a new US ban on Kaspersky’s products.
Announced by the Bureau of Industry and Security (part of the Department of Commerce) on Thursday, the prohibition covers antivirus and other cybersecurity software developed and distributed by Kaspersky and its affiliates. The Biden administration cited the potential for interference from the Russian government in Kaspersky’s operations as the primary reason for this unprecedented decision.
The ban will be implemented in two phases: starting on July 20 at 12:00am ET, Kaspersky will be prohibited from selling its products to new US customers or integrating its software into third-party products (such as white-labeled services). Then, on September 29 at 12:00am ET, all reselling, existing integrations, and licensing must stop. Virus definition and app updates will cease, along with the operation of the Kaspersky Security Network within the US and on devices belonging to US residents and citizens.
This timeframe allows consumers and businesses to transition to new software. There are no legal penalties for continuing to use Kaspersky during this period while seeking a replacement.
If you’re a Kaspersky user, you should switch to an alternative before the September cutoff date to avoid leaving your devices unprotected. For those using the free version of Kaspersky, an easy fallback is Windows Security, the built-in antivirus, malware, and network protection software available with Windows 10 and 11. For premium options, check out our recommendations for the best antivirus software, which include apps comparable to Kaspersky products.
For more details on the US government’s investigation into Kaspersky, visit the Bureau of Industry and Security’s dedicated site. It provides an in-depth explanation of why Kaspersky is now considered a high security risk, including the potential for the Russian government to compel Kaspersky to release sensitive data about US customers, use Kaspersky software to plant malware on US devices, and spread malicious code through white-label software to unsuspecting users.
The site also includes documentation outlining the government’s actions and its communications with Kaspersky regarding its analysis. This detailed breakdown of Kaspersky’s proposed mitigations might be an interesting read for those interested in cybersecurity.
