Capping off months of controversy, espionage claims and international intrigue, the U.S. government ban on Kaspersky Lab software has been signed into law. The ban, wedged into the Fiscal Year 2018 National Defense Authorization Act (NDAA), would preclude all federal computers and connected networks from using antivirus software made by the Russian cybersecurity firm.
“Considering the grave risk that Kaspersky Lab poses to our national security, it’s necessary that the current directive to remove Kaspersky Lab software from government computers be broadened and reinforced by statute,” said New Hampshire Senator Jeanne Shaheen, a key proponent of the legislation.
“The case against Kaspersky is well-documented and deeply concerning. This law is long overdue, and I appreciate the urgency of my bipartisan colleagues on the Senate Armed Services Committee to remove this threat from government systems. Going forward, I will continue to push for additional measures that strengthen our nation’s cybersecurity and protect our democracy from harmful foreign interference,” Shaheen wrote in a press release.
The Kaspersky ban, which appears in Section 1634 of the 2018 NDAA, reads as follows:
“No department, agency, organization, or other element of the Federal Government may use, whether directly or through work with or on behalf of another department, agency, organization, or element of the Federal Government, any hardware, software, or services developed or provided, in whole or in part, by—
(1) Kaspersky Lab (or any successor entity);
(2) any entity that controls, is controlled by, or is under common control with Kaspersky Lab; or
(3) any entity of which Kaspersky Lab has majority ownership.”
Last week, Kaspersky Lab announced that it would close its Washington, D.C. offices, which it stated were “no longer viable.”