On June 20,2024,the U.S.Department of Commerce issued a notice prohibiting Kaspersky Lab,Inc.a Russian-based cybersecurity and antivirus software company,and its affiliates from providing antivirus software and cybersecurity products or services in the United States or to U.S.customers.This ban not only applies to Kaspersky Lab itself,but also includes its subsidiaries,parent companies,and affiliated entities.This is the first time that the Bureau of Industry and Security (BIS) of the U.S.Department of Commerce has taken such action,and it is also the first final ruling issued by the Office of Information and Communication Technology and Services (OICTS).

Background and Details of the Ban

Output:

Pursuant to Executive Order 13873,"Securing the Information and Communications Technology and Services Supply Chain," and its implementing regulations at 15 C.F.R.Part 7,the Department of Commerce is authorized to investigate and address whether certain information and communications technology or services transactions pose undue or unacceptable risks to national security.Specifically,these risks include:

• TheriskofundueorunacceptabledisruptionorsubversiontoU.S.informationandcommunicationstechnology(ICTS);
• TheriskofcatastrophiceffectsonthesecurityorresilienceofU.S.criticalinfrastructureorthedigitaleconomy;
• OtherunacceptableriskstoU.S.nationalsecurityorthesafetyofU.S.citizens.

After investigation,the Ministry of Commerce believes that Kaspersky’s business poses the aforementioned risks,so it decided to take prohibitive measures.According to the ban,from the date of the announcement,Kaspersky will no longer be able to sell its software in the United States or provide updates for existing software.However,in order to minimize disruptions to American consumers and businesses,the Ministry of Commerce allows Kaspersky to continue conducting certain operations in the United States,including providing antivirus signature updates and codebase updates,until 12 o’clock on September 29,2024.

Kaspersky Entities Added to Export Control Entity List

Output:

In addition to prohibiting Kaspersky from providing services to U.S.customers,the BIS has also added three of Kasperskys affiliated entities to the export control Entity List.These entities include:

• AOKasperskyLab,Russia
• OOOKasperskyGroup,Russia
• KasperskyLabsLimited,UK

BIS noted that these entities were added to the Entity List due to their collaboration with Russian military intelligence agencies.This means these companies will face stricter export controls,limiting their access to U.S.technology and products.

Kasperskys Global Impact

Output:

Kaspersky is a multinational company with offices in 31 countries and regions,providing cybersecurity and antivirus products and services to over 400 million users and 270,000 corporate clients worldwide.The impact of this ban and the Entity List designation extends beyond the U.S.market and may trigger ripple effects on Kasperskys operations in other countries.

In the future,U.S.regulatory measures in the information and communications technology sector may further intensify,and other countries may follow suit with similar actions.For businesses and users,maintaining operational continuity and technological innovation while ensuring security and compliance will become a critical challenge.