The White House is reportedly preparing to impose a complete ban on software made by Russia’s Kaspersky Lab
We'll see if this holds up in court but I have a feeling the walls are closing in, the boot is falling, the illusion of freedom Americans have been granted will be stripped away soon.
This is not an isolated thing, it happens in the context of things like pushes to force logging on VPN providers, to crack down on piracy, to further control the internet and technology space.
How soon before we can talk of a US great firewall against foreign software of Chinese or Russian origin?
And unlike Chinese and Russian bans which have no reach, no long-arm of the law approach that can force the rest of the world to comply via financial sanctions, the US has the ability to actually impose these bans successfully not only on its own population but on the world if it so wishes.
The use of Kaspersky Lab’s products is seen as a threat to national security, officials in Washington reportedly say
Washington is planning to bar US businesses and individuals from using software created by the Russian cybersecurity company Kaspersky Lab, CNN reported on Tuesday, citing unnamed government officials familiar with the matter. The move is seen as “unprecedented,” as measures of the kind have never targeted private companies and citizens.
The comprehensive ban is currently being finalized and could be imposed as soon as this month, the sources told the news network. The new regulation would use “relatively new Commerce Department authorities built on executive orders” by Presidents Joe Biden and Donald Trump to prohibit Kaspersky Lab from providing certain products and services in the country, they added.
According to the sources, the order is aimed at mitigating risks allegedly posed by Kaspersky’s software to critical US infrastructure.
The same old story in other words, vague, unspecific, without any proof allegations of possible harm to national security without an explained mechanism or proof the threat exists.
As part of preparatory works for the move, the US Department of Commerce has made an “initial determination” to ban certain transactions between the Russian cybersecurity company and US citizens, the sources added.
They haven’t, however, provided any details regarding the full scope of a final order against Kaspersky products, but said that it would focus on the firm’s anti-virus software.
In 2022, the Federal Communications Commission placed the internet-security provider on a list of companies deemed a threat to US national security. Following the move, Kaspersky said in a statement that the decision had been made on “political grounds” rather than on the basis of “a comprehensive evaluation of the integrity of Kaspersky’s products and services.”
In 2017, US regulators banned federal government use of Kaspersky software. Back then, the Department of Homeland Security (DHS) cited increased fears that the firm had ties to state-sponsored spying programs as a key reason for the move.
Later, the company filed two lawsuits against the decision taken by the Trump administration, saying the bans were unconstitutional and that they caused Kaspersky Lab undue harm. In 2018, the District of Columbia court dismissed both cases, having upheld the ban imposed by Washington.
I will note all US connected cyber-security companies from anti-viruses like Norton and Trend Micro to the British (Five Eyes) Sophos to various bespoke companies that provide investigative services and more specialized software are FULL to the brim with "former" NSA, FBI, CIA agents. And are in fact (not accusation) all little more than cut-outs for the US/Five-Eyes intelligence alliance and subject to their full use for data collection, not adding their own government malware even when discovered organically to signatures until a foreign company does, and knowing of course the software's internal weaknesses and bugs that such government malware may exploit to evade.
The US has long had anger towards Kaspersky because one of their foolish contractors who was writing malware for them used it on his computer, its job includes finding and sending samples of new novel malware back and it found some he was writing and sent it. Kaspersky claims they deleted the information but the US government has been on a crusade against it earlier than that to be honest because it has helped states like Iran against things like Stuxnet and other US government malware campaigns.
But it's more than that, it's part of a wider campaign to push Russian and Chinese companies out of high technology, to hurt them, to weaken them, to injure and maim them. And it's part of the same sphere of things as pushing Dutch company ASML to shoot itself in the foot by not selling to the Chinese which weakens both the Chinese and a European company so is a good thing.
Kaspersky has long been ahead of the pack among traditional AVs, not because of its signatures which are no longer an advantage for any company but because of its other modules such as Host Intrusion Prevention/Behavioral Analysis and Control.
What's unclear to me is whether they will simply stop sales and prevent them from collecting money or if the ban is intended to prevent their distribution of updates, to do DNS stuff to attempt to break the functionality of the application and criminalize Americans using it.
What's interesting is Kaspersky has also long been a favorite of pirates as it famously played well with cracked software, was less prone to false-flagging and more accurate in its assessment of what was a real threat and what was just cracked suspicious software.
I didn't know about the link between alphabet agencies and US antivirus companies. I've been using Malwarebytes; do you think Kaspersky would be better?
What is your threat model? Do you do things like pirate games or other executable software or other high risk activities like visiting suspicious sites, running strange code?
My answer depends on your answer. If you are taking risks like running lots of cracked games or software or engaging in other high risk behavior OR if you have had recurring problems (more than once in the past 3 years) with encountering malware on your computer (executed or not) I think it helps to have additional measures beyond Windows Defender and I can offer some.
If on the other hand you don't use cracked software, don't engage in risky activity with running strange code, visiting high risk websites, etc. I would say honestly Windows Defender properly configured and basic education and precautions not to run untrusted code or open untrusted files or click strange links and keeping software up to date (applying patches, running software that is still maintained) is probably enough. If this is the case I'd also take money you'd normally pay for AV (assuming you're not using the free version and paying) and buy an external hard drive, back up all your important stuff against crypto-lockers and refresh it every 2-3 months (do not under any circumstances leave the drive constantly connected as most modern crypto-lockers will of course encrypt connected external drives so only plug in such a back-up plan when transferring files and immediately unplug).
I think the U.S. only serves to isolate themselves in creating an American firewall. It is risky to work with the U.S. and western nations and the global south has seen that since Ukraine and so the global south will not support sanctions against Chinese and Russian goods, because it is not in their interests. They will have a lot of couping to do. That is my opinion at least, with the Russian African coalition, it would take a lot of work.
The point is to force you to use their US-made software which is full of backdoors for the CIA and NSA. It's a sinking ship, they think this will reinforce their market and control but much like trying to decouple from China, it hurts the US ultimately.
I'll admit it's not as great as it once was but I do think one reason the US especially wants to gut punch Kaspersky is because they've developed advanced security systems for industrial systems which Kaspersky previously revealed western backed state actors were very interested in trying to learn more about. These types of systems would be on the front line against western intelligence agency hacking campaigns.
Kaspersky actually set the standard for HIPs and behavior control some years ago, they're no longer an exclusive pack leader there but their software very quickly had a lot of granularity in control making it one of the better fully loaded packaged solutions.
Right now I don't see any good software that really has everything packaged together. It's all configurators and GUIs for Windows systems plus bolted on other aspects like firewall control.