U.S. federal agencies were first ordered to remove Kaspersky-branded products from federal information systems via a Binding Operational Directive (BOD) issued by the Department of Homeland Security in September 2017.
Below is an archived snapshot of the DHS directive that explains the US government’s decision to remove Kaspersky software from government PCs.
The Federal Communications Commission (FCC) stated that the Russian cybersecurity firm Kaspersky poses unacceptable risks to U.S. national security.
Kaspersky services covered by this decision include information security products, solutions, and services supplied by Kaspersky or any linked companies, including subsidiaries or affiliates.
FCC’s national security ban list was also expanded to include Chinese state-owned mobile service providers China Mobile International USA and China Telecom Americas.
The decision was taken following requirements in the Secure and Trusted Communications Networks Act of 2019.
According to FCC Commissioner Brendan Carr, their addition to the Covered List means that they are prohibited from receiving support through FCC’s Universal Service Fund.
“Last year, for the first time, the FCC published a list of communications equipment and services that pose an unacceptable risk to national security, and we have been working closely with our national security partners to review and update this list,” said Chairwoman Jessica Rosenworcel.
“Today’s action is the latest in the FCC’s ongoing efforts, as part of the greater whole-of-government approach, to strengthen America’s communications networks against national security threats, including examining the foreign ownership of telecommunications companies providing service in the United States and revoking the authorization to operate where necessary. Our work in this area continues.”
The Secure and Trusted Communications Networks Act requires the Commission to publish and maintain a list of communications equipment and services that pose an unacceptable risk to national security or the security and safety of U.S. persons. The FCC published the initial list, commonly referred to as the covered list, in March 2021, and will continue to update the list as other communications equipment and services meet the criteria under the law.
Meanwhile, HackerOne blocked Kaspersky’s access and indefinitely suspended its bug bounty program. HackerOne’s decision to disable the Kaspersky bug bounty program follows another blow received by the Russian company after Germany’s Federal Office for Information Security, BSI, warned companies against using Kaspersky products.
If you would like to hear about the latest on cybersecurity, subscribe to our newsletter, follow us on LinkedIn and share the informative articles with your followers on social media.
