US says Kaspersky poses unacceptable risk to national security

kaspersky-av

The Federal Communications Commission (FCC) added Russian cybersecurity firm Kaspersky to its Covered List, saying it poses unacceptable risks to U.S. national security.

Kaspersky services covered by this decision include information security products, solutions, and services supplied by Kaspersky or any linked companies, including subsidiaries or affiliates.

FCC’s national security ban list was also expanded to include Chinese state-owned mobile service providers China Mobile International USA and China Telecom Americas.

The decision was taken following requirements in the Secure and Trusted Communications Networks Act of 2019 [PDF].

According to FCC Commissioner Brendan Carr, their addition to the Covered List means that they are prohibited from receiving support through FCC’s Universal Service Fund. 

“I am pleased that our national security agencies agreed with my assessment that China Mobile and China Telecom appeared to meet the threshold necessary to add these entities to our list,” Carr said [PDF].

“Their addition, as well as Kaspersky Labs, will help secure out networks from threats posed by Chinese and Russian state backed entities seeking to engage in espionage and otherwise harm America’s interests.”

U.S. federal agencies were first ordered to remove Kaspersky-branded products from federal information systems via a Binding Operational Directive (BOD) issued by the Department of Homeland Security in September 2017.

Earlier today, HackerOne blocked Kaspersky’s access and indefinitely suspended its bug bounty program.

HackerOne’s decision to disable the Kaspersky bug bounty program follows another blow received by the Russian company after Germany’s Federal Office for Information Security, BSI, warned companies against using Kaspersky products.

The BSI suggested the Russian authorities could force the antivirus provider into allowing Russian intelligence to launch cyberattacks against its customers or have its products used for cyberespionage campaigns.

Today’s decision to designate Kaspersky as a national security threat follows previous decisions to ban and revoke China Unicom Americas’ license over serious national security concerns in January 2022.

The FCC also added Chinese telecommunications companies Huawei, ZTE, Hytera Communications, Hikvision, and Dahua to its ban list on March 12, 2021.

Huawei and ZTE were designated as national security threats to the integrity of U.S. communications networks or the communications supply chain in June 2020.

%d bloggers like this: