Russian security company Kaspersky is shutting operations in the US ahead of sanctions that will ban sales of its software nationwide.
The move comes amid ever-worsening relations between the US and Russia, exacerbated by the war in Ukraine, but Kaspersky has been answering questions about its ties to its home country for years.
After a series of recent sanctions, Kaspersky confirmed to security site Zero Day that it was winding down operations and cutting staff, though the total headcount being laid off is fewer than 50.
"Kaspersky has been operating in the US for close to 20 years, contributing to the nation’s strategic cybersecurity goals by safeguarding organizations and individuals in the country from ever-evolving cyber threats," a spokesperson for Kaspersky told ITPro.
"The company has carefully examined and evaluated the impact of the US legal requirements and made this sad and difficult decision as business opportunities in the country are no longer viable."
Kaspersky’s slow march to a full ban
Kaspersky was founded in Moscow, Russia in 1997, by Eugene Kaspersky, Natalya Kaspersky, and Alexey De-Monkerik, and first began selling overseas in 2005. It has divisions in the UAE, Turkey, the UK, Mexico, South Africa, Brazil, and Singapore.
The Russian connection has long been a tough sell. Eugene Kaspersky told ITPro in 2016 that geopolitics was always a concern for a security lab with "Russian roots", but that the company does its "best not to be connected [to one country], to be international."
But that didn't convince the American government. In 2017, the US government ordered all civilian agencies to remove all Kaspersky systems from their networks amid concerns about the relationship between "certain Kaspersky officials and Russian intelligence".
Concerns were also raised that aspects of Russian law could force the company to intercept communications, the Department for Homeland Security said at the time.
Later that year, Lithuania followed suit by banning Kaspersky software from sensitive computers at government agencies or those that control critical infrastructure. The next year, the Netherlands also began cutting out Kaspersky from government systems, and the US expanded its ban to military systems.
Kaspersky responded by holding international customers' data in Switzerland rather than Russia, as part of a wider transparency effort.
Rising tensions after the Ukraine invasion
Days after the invasion of Ukraine by Russia in 2022, the US government privately issued warnings to local companies, suggesting that Kaspersky software could be abused by the Russian government to wreak havoc among American companies or for wider cyber attacks.
In June, the US government said it would ban new sales of Kaspersky's antivirus, not just for government agencies but across all businesses.
"Russia has shown it has the capacity and ... the intent to exploit Russian companies like Kaspersky to collect and weaponize the personal information of Americans and that is why we are compelled to take the action that we are taking today," Commerce Secretary Gina Raimondo said in a call with reporters at the time, according to Reuters.
Kaspersky hit back at the move, claiming the decision was based entirely on "theoretical concerns".
The Russian government, meanwhile, said the sales restriction was nothing to do with security but a "favorite technique of unfair competition from the United States." The US responded by sanctioning 12 Kaspersky employees, including c-level leadership.
End of US operations
Now, Kaspersky said it would wind down operations by 20 July, the same day the ban on new business comes into effect. All software updates, sales, and resales will be banned as of 29 September.
"Starting from July 20, 2024 Kaspersky will gradually wind down its US operations and eliminate US-based positions," the statement from Kaspersky added.
"The decision and process follows the Final Determination by the US Department of Commerce, prohibiting the sales and distribution of Kaspersky products in the US.
"Kaspersky’s business remains resilient, and our key priority remains the same – to protect our customers in any country from cyberthreats. Being a global cybersecurity vendor, the company will continue investing in strategic markets and remain committed to serving its customers and partners and ensuring their protection."
