US sanctions 12 Kaspersky Lab execs for working in Russian tech sector

Lawrence Abrams

June 21, 2024
01:32 PM
2

Kaspersky

The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned twelve Kaspersky Lab executives for operating in the technology sector of Russia.

These sanctions came after the Biden administration announced yesterday the ban of sales and software updates for Kaspersky antivirus software in the USA, which started in July, over potential cybersecurity risks to national security.
In addition, the Department of Commerce designated AO Kaspersky Lab and OOO Kaspersky Group (Russia), and Kaspersky Labs Limited (United Kingdom) to the Entity List, preventing any US business from conducting business with them.

"All the individuals below were designated pursuant to E.O. 14024 for operating in the technology sector of the Russian Federation economy," reads the OFAC announcement.
Today, OFAC announced sanctions on twelve Kaspersky Lab employees in leadership positions. The twelve sanctioned Kaspersky employees and their positions are:

Andrei Gennadyevich Tikhonov (Tikhonov) - Board member and CFO.
Daniil Sergeyevich Borshchev (Borshchev) - Board member and Deputy CEO of Strategy and Economics
Andrei Anatolyevich Efremov (Efremov) - Board member and Chief Business Development Officer (CBDO)
Igor Gennadyevich Chekunov (Chekunov) - Board member Chief Legal Officer (CLO).
Andrey Petrovich Dukhvalov (Dukhvalov) - Vice President and Director of Future Technologies
Andrei Anatolyevich Suvorov (Suvorov) - Head of Kaspersky Operating System Business Unit
Denis Vladimirovich Zenkin (Zenkin) - Head of Corporate Communications
Marina Mikhaylovna Alekseeva (Alekseeva) - Chief Human Resources (HR) Officer (CHRO)
Mikhail Yuryevich Gerber (Gerber) - Executive Vice President of Consumer Business
Anton Mikhaylovich Ivanov (Ivanov) - Chief Technology Officer (CTO)
Kirill Aleksandrovich Astrakhan (Astrakhan) - Executive Vice President for Corporate Business
Anna Vladimirovna Kulashova (Kulashova) - Managing Director for Russia and the Commonwealth of Independent States (CIS)

While many of these members report directly to the CEO, Eugene Kaspersky, the US government says they have not sanctioned Kaspersky Lab, its parent or subsidiary companies, or its CEO.
The Treasury Department says that the employees are sanctioned pursuant to Executive Order 14024, which states that people determined to work in the technology sector of the Russian Federation can fall under sanctions.

"to operate or have operated in the technology sector or the defense and related materiel sector of the Russian Federation economy, or any other sector of the Russian Federation economy as may be determined by the Secretary of the Treasury, in consultation with the Secretary of State," reads the Executive Order.

Those sanctioned have had their assets in the US frozen and can no longer access them until the sanctions are lifted.
BleepingComputer contacted Kaspersky for a statement regarding these sanctions and will update the article if we receive a response.

Biden bans Kaspersky antivirus software in US over security concerns

Lawrence Abrams

June 20, 2024
06:38 PM
16

Kaspersky

Today, the Biden administration has announced an upcoming ban of Kaspersky antivirus software and the pushing of software updates to US companies and consumers, giving customers until September 29, 2024, to find alternative security software.

"Today, the Department of Commerce's Bureau of Industry and Security (BIS) announced a Final Determination prohibiting Kaspersky Lab, Inc., the U.S. subsidiary of a Russia-based anti-virus software and cybersecurity company, from directly or indirectly providing anti-virus software and cybersecurity products or services in the United States or to U.S. persons," reads a new announcement from the US BIS agency.
"The prohibition also applies to Kaspersky Lab, Inc.’s affiliates, subsidiaries and parent companies (together with Kaspersky Lab, Inc., “Kaspersky”)."

This ban not only involves the sale of Kaspersky products but also prevents the company from delivering antivirus and security updates to customers, making it critical for customers to provide alternative software by the end of September.

"The Biden-Harris Administration is committed to a whole-of-government approach to protect our national security and out-innovate our adversaries," said Secretary of Commerce Gina Raimondo.

"Russia has shown time and again they have the capability and intent to exploit Russian companies, like Kaspersky Lab, to collect and weaponize sensitive U.S. information, and we will continue to use every tool at our disposal to safeguard U.S. national security and the American people. "

While Kaspersky has denied any ties to the Russian government, the US government feels that due to the Russian government's cyber capabilities and ability to influence Kaspersky's operations, there was no way to mitigate the risk without a total ban on the company's services in the USA.

Much of this concern stems from Kaspersky's acquisition of secret security tools and exploits linked to the Equation Group, which is believed to have been the NSA's cyber-operations division.
At the time, Kaspersky stated that their antivirus software automatically retrieved the NSA files after detecting previously unseen but potentially malicious files. It is common for antivirus vendors to upload files that are suspected of being malicious to their servers for further analysis.

However, the US government believes that Russian FSB agents or other Kaspersky insiders used Kaspersky antivirus as an interactive search engine to scan computers worldwide for files of interest.
Since then, the US government has been slowly banning the use of Kaspersky products within federal agencies and now, with today's announcement, throughout the country.

As part of these announcements, the BIS has set up a dedicated page outlining what the Kaspersky ban means for corporate and consumer customers.

Starting at midnight ET on July 20, 2024, Kaspersky is banned from entering into any new agreements with a US person of business. This includes any software or white-labeled product from the company.

At midnight ET on September 29, 2024, Kaspersky or any of its agents are prohibited from distributing software and antivirus updates to customers and operating its Kaspersky Security Network (KSN) in the United States or on any US person's systems.

Kaspersky Security Network is the company's cloud-based threat platform that accepts new file samples and telemetry uploaded from devices running its software.

While the government states that they will not pursue legal action against any US individuals continuing to use Kaspersky software after these deadlines, they will be using the software at their own risk.

In addition to the ban, the BIS has added three entities associated with Kaspersky—AO Kaspersky Lab, OOO Kaspersky Group (Russia), and Kaspersky Labs Limited (United Kingdom)— to the Entity List for alleged cooperation with the Russian government.

In response to today's ban, Kaspersky shared the following statement with BleepingComputer, which we have reproduced in full below.

"Kaspersky is aware of the decision by the U.S. Department of Commerce to prohibit the usage of Kaspersky software in the United States. The decision does not affect the company’s ability to sell and promote cyber threat intelligence offerings and/or trainings in the U.S. Despite proposing a system in which the security of Kaspersky products could have been independently verified by a trusted 3rd party, Kaspersky believes that the Department of Commerce made its decision based on the present geopolitical climate and theoretical concerns, rather than on a comprehensive evaluation of the integrity of Kaspersky’s products and services. Kaspersky does not engage in activities which threaten U.S. national security and, in fact, has made significant contributions with its reporting and protection from a variety of threat actors that targeted U.S. interests and allies. The company intends to pursue all legally available options to preserve its current operations and relationships.

For over 26 years, Kaspersky has succeeded in its mission of building a safer future by protecting over a billion devices. Kaspersky provides industry-leading products and services to customers around the world to protect them from all types of cyber threats, and has repeatedly demonstrated its independence from any government. Additionally, Kaspersky has implemented significant transparency measures that are unmatched by any of its cybersecurity industry peers to demonstrate its enduring commitment to integrity and trustworthiness. The Department of Commerce’s decision unfairly ignores the evidence.

The primary impact of these measures will be the benefit they provide to cybercrime. International cooperation between cybersecurity experts is crucial in the fight against malware, and yet this will restrict those efforts. Furthermore, it takes away the freedom that consumers and organizations, large and small, should have to use the protection they want, in this case forcing them away from the best anti-malware technology in the industry, according to independent tests. This will cause a dramatic disruption for our customers, who will be forced to urgently replace technology they prefer and have relied upon for their protection for years.

Kaspersky remains committed to protecting the world from cyberthreats. The company’s business remains resilient and strong, marked by an 11-percent growth in sales bookings in 2023. We look forward to what the future holds, and will continue to defend ourselves against actions that seek to unfairly harm our reputation and commercial interests."