Cybersecurity company Kaspersky Lab has been blacklisted by the Federal Communications Commission (FCC) for posing a national security risk to the U.S. Details on what constitutes the risk haven’t been made public. Besides Kaspersky, China Mobile and China Telecom also joined FCC’s list comprising Huawei, ZTE, Hytera Communications, Hangzhou Hikvision Digital, and Dahua Technology.Â
A week after Kaspersky Lab’s (Kaspersky) operations in the U.S. raised concerns, the FCC has added the cybersecurity vendor to its ‘Covered ListOpens a new window .’ The federal agency blacklisted it as one of the companies that presents an “unacceptable risk to U.S. national security or the security and safety of United States persons.†The move comes under the Secure and Trusted Communications Networks Act of 2019.
Kaspersky is the first Russian entity to enter the list, the rest of which is currently made up of Chinese tech companies Huawei, ZTE, Hytera Communications, Hangzhou Hikvision Digital, and Dahua Technology. Besides Kaspersky, two more Chinese companies, China Mobile and China Telecom, also made it to the list.
It is hard to say if the FCC/U.S. government’s decision was based on suspicion that the private security provider is somehow associated with the Kremlin, making the company a victim of the ongoing geopolitical turmoil in eastern Europe. Kaspersky certainly seems to think so.
“This decision is not based on any technical assessment of Kaspersky products – that the company continuously advocates for – but instead is being made on political grounds,†the company said.
Kaspersky pointed out that much like the U.S. Government’s prohibitions imposed in 2017 on federal entities/contractors’ use of Kaspersky products, the latest move is also “unconstitutional, based on unsubstantiated allegations, and lacked any public evidence of wrongdoing by the company.â€
See More: 5 CISO Approved Security Best Practices Amid Russia-Ukraine Conflict
On March 25, Kaspersky was also kicked out ofOpens a new window HackerOne’s bug bounty program unilaterally. HackerOne also froze existing funds and discussions about previously reported vulnerabilities, a rather cold move. However, Kaspersky being booted from HackerOne without any concrete proof of it being a Russian government-driven entity will only affect end users.
Being a part of FCC’s Covered List means U.S.-based businesses are disallowed from using the $8 billion federal subsidies under FCC’s Universal Service Fund to purchase Kaspersky products and services. The fund is intended to help support and maintain safe communication across the U.S.
“Kaspersky believes today’s expansion of such prohibition on entities that receive FCC telecommunication-related subsidies is similarly unsubstantiated and is a response to the geopolitical climate rather than a comprehensive evaluation of the integrity of Kaspersky’s products and services,†Kaspersky stated.
Cyberattacks, especially those originating from Russia and China against the U.S., have intensified since last year. The impact of one of the most significant cyberattacks, the SolarWinds Orion supply chain hack, has instilled fear among organizations. The SolarWinds hack had origins in Russia and was a cyberespionage operation that affected nearly 100Opens a new window of the 18,000 organizations that downloaded a compromised SolarWinds Orion version. Kaspersky’s website says that currently, 400 million users use its products.
Both China Mobile and China Telecom were already in the throes of pre-existing sanctions that prohibited them from operating in the U.S. telecom market. FCC Commissioner Brendan Carr saidOpens a new window , “In particular, I am pleased that our national security agencies agreed with my assessment that China Mobile and China Telecom appeared to meet the threshold necessary to add these entities to our list.â€
Let us know if you enjoyed reading this news on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!