American president Donald Trump on Tuesday signed the bill into law to ban the use of Kaspersky Lab software within the U.S. Government, which puts an end to the months-long attempt to purge the Moscow-based antivirus firm from federal agencies.
“The case against Kaspersky is well-documented and deeply concerning. This law is long overdue,” said Democratic Senator Jeanne Shaheen, who led calls in Congress to scrub the software from government computers. She added that the Russian company’s software represented a “grave risk” to U.S. national security.
The directive appears in Section 1634 of the 2018 NDAA, and it reads as follows:
“No department, agency, organization, or other element of the Federal Government may use, whether directly or through work with or on behalf of another department, agency, organization, or element of the Federal Government, any hardware, software, or services developed or provided, in whole or in part, by—
(1) Kaspersky Lab (or any successor entity);
(2) any entity that controls, is controlled by, or is under common control with Kaspersky Lab; or
(3) any entity of which Kaspersky Lab has majority ownership.”
In September the Trump administration issued a directive requiring both military and civilian agencies to remove Kaspersky Lab software within 90 days.
Kaspersky Lab has repeatedly denied that it has ties to any government and said it would not help a government with cyber espionage. In an attempt to address American government suspicions, the company declared in October that it was willing to submit the source code of its software and future update for inspection by independent parties. This proposal was not accepted however, and last week Kaspersky Lab announced that it would close its its Washington, D.C. offices.
As a response to this ban, Kaspersky Lab said in a statement on Tuesday that it continued to have “serious concerns” about the law “due to its geographic-specific approach to cybersecurity”. It added that the company was assessing its options and would continue to “protect its customers from cyber threats (while) collaborating globally with the IT security community to fight cybercrime”.