“Unacceptable risk”: Supreme US authority blacklists Kaspersky

Ukraine conflict
“Unacceptable risk”: Supreme US authority blacklists Kaspersky

03/28/2022, 6:19 p.m
2 min reading time

It came as a deep shock to the West: When Russia, under Vladimir Putin, invaded Ukraine, it aroused a fear of war that had not been felt for a long time in European countries. And a deep dislike for Russian products and companies. For the antivirus experts at Kaspersky, the effect could last even longer: the US telecommunications authority FCC has now put the company on its blacklist.

The authorities announced this on Friday. Kaspersky joins the Chinese telecommunications companies China Telecom America and China Mobile International USA on the list of companies considered potentially dangerous to US national security as providers of communications products and services.

deep distrust

The list was only introduced in 2019 under then-President Donald Trump. The evaluation as a danger and the resulting consequences are considered one of the main reasons for the crash of the former smartphone giant Huawei. The Chinese group was among the first listed companies, so far it only included four other Chinese tech companies. Kaspersky is the first non-Chinese company on the list. Kaspersky said in a statement that they were “disappointed” with the decision.

The assessment is primarily about the potential to undermine US networks. The new entries would “help us protect our networks from the threats posed by Russian and Chinese state-backed entities engaged in espionage or otherwise seeking to harm American interests,” FCC Commissioner Brendan Carr told Reuters.

How big is the danger?

While the Chinese telecom companies see the danger more in relation to the hardware of the networks, Kaspersky is concerned with the theoretical possibility of importing malicious code via the antivirus program. Because pest control programs have to be deeply rooted in the system in order to function correctly, they are rated as particularly critical.

This is not unfounded per se, explained Andreas Marx, CEO of the independent IT security institute AV-Test stern already in February. “Security software naturally has far-reaching access to the system and the data there,” says Marx. “If there are corresponding security needs, it makes sense to think about products and manufacturers.”

However, he does not see this danger in the specific case of Kaspersky. “I don’t think there will be any danger from the Kaspersky products themselves. The programs are developed not only in Russia, but worldwide by a large team.” In terms of virus protection, his institute sees no problem anyway. Kasperksy was recently rated as one of the most reliable security solutions on the market in a test published on Monday.

Bad for business

Kaspersky has been fighting for years against the reputation of being viewed with suspicion as a Russian product. As early as 2018, the company had therefore begun to move its data processing from Russia to Switzerland, a spokeswoman said stern. The move has therefore been completed since 2020. There is no need to fear access from Russia. “Kaspersky is not subject to the Russian System of Operational Investigative Measures (SORM) or other similar laws and is therefore not required to provide information. This has been confirmed by an independent legal assessment of Russian legislation on data processing.”

For the antivirus company, the situation is extremely uncomfortable. The entry on the black list ensures that all US authorities, state institutions and companies that want to work with them are no longer allowed to use the corresponding products. In fact, the damage could be even greater. Because the signaling effect goes beyond the government agencies, many other companies and private users are likely to become more skeptical about the software.

Swell:FCC, Reuters, Kaspersky