The Expert's View with Michael Novinson

Cyberwarfare / Nation-State Attacks , Endpoint Security , Fraud Management & Cybercrime

How Much Damage Would US Action Against Kaspersky Inflict?

Enforcement Action Could Deal Fatal Blow to Kaspersky's North American Business
How Much Damage Would US Action Against Kaspersky Inflict?

Further punishment of Moscow-based Kaspersky by the Biden administration could be the final nail in the coffin of the company's deeply wounded North American business.

See Also: Breaking Free from VPN Limitations: Simplifying Remote Access Security

The U.S. Commerce Department is weighing enforcement action against the Russian cybersecurity giant under its online security rules in what could be a precursor to hitting Chinese-controlled companies such as TikTok with the same restrictions, The Wall Street Journal reported. The rules aim to protect U.S. internet users from Russia- and China-based threats and allow for the outright ban of particular apps.

A Commerce Department spokesperson told The Journal that it doesn't comment on "company-specific actions" but said that it is "committed to fully exercising its authorities to protect Americans' sensitive data." Kaspersky didn't respond to an inquiry from The Wall Street Journal, and neither the Commerce Department nor Kaspersky responded to Information Security Media Group's requests for comment (see: FCC Adds Kaspersky, Chinese Telecoms to High-Risk Companies).

Any enforcement action against Kaspersky from the Commerce Department would prohibit the use of the company's software in a specific set of circumstances, such as on computer networks that operate critical infrastructure, The Wall Street Journal reported. An overly broad restriction on Kaspersky in U.S. networks could lead to unintended consequences and jeopardize the functionality of other software.

But even a slap on the wrist against Kaspersky will contribute to the chasm in which hardware or software produced in the West is used by Western organizations and Russian- or Chinese-produced technology is used only by allies of those nations. Kaspersky denies that it works with Russia to facilitate cyberespionage, but it has further reduced its footprint in North America since Russia invaded Ukraine in February 2022.

A Tale of Two Extremes

Kaspersky was the world's ninth-largest endpoint security vendor in June 2022 with 2.9% market share, according to IDC. The company's endpoint security revenue grew by 7.9% from $232.6 million in June 2021 to $251.1 million in June 2022. But global sales figures obscure a dramatic shift in Kaspersky's geographic sales mix that has taken place over the past half-decade.

The company's 2021 financial results - the most recent year available - tell the tale of this bifurcation. The company experienced a 25% increase in year-over-year sales to Russia, the Baltics, Central Asia and the Commonwealth of Independent States, or CIS, as well as double-digit revenue growth in Latin America and the Middle East, Turkey and Africa, or META. But in North America, Kaspersky's sales declined by 6%.

It was a similar story in 2020, with flat sales in North America and double-digit revenue gains in Russia, the Baltics, Central Asia, CIS, Latin America and META. In fact, Kaspersky's year-over-year sales have been flat or down in North America every year since at least 2017, while sales in the company's home region of Russia have grown by double digits in four of the past five years and by 6% in the fifth year.

Kaspersky hasn't released its 2022 sales figures yet, but the Russia-Ukraine war will likely drive a sharp decrease in the company's business in North America and Europe and a healthy increase in sales from Russia, the Baltics and the CIS region. The company will likely see less impact to revenue in regions such as Latin America, the Middle East or Africa, where the majority of countries haven't taken a side in the war.

A Divorce Seven Years in the Making

Kaspersky has been in the crosshairs of the American government since security agencies determined that Russia had interfered in the 2016 U.S. presidential election. The U.S. Department of Homeland Security issued a directive in September 2017 mandating civilian federal government agencies remove Kaspersky's software after the company was accused of being linked to Russian intelligence services.

In December 2017, then-President Donald Trump signed a broader defense policy spending bill that bans Kaspersky's software from both civilian and military networks. The ban on U.S. government sales has made many American customers in the private sector, as well as state and local governments, reluctant to buy Kaspersky's technology even though sales aren't outright prohibited.

The U.S. government's scrutiny of Kaspersky ramped up last year after Russia's invasion of Ukraine. In March, the U.S. Federal Communications Commission added Kaspersky to its list of telecom equipment and service providers considered a national security risk. The move made Kaspersky the first Russian firm on the list, which previously only included Chinese companies.

That same month, The Wall Street Journal reported that the National Security Council had pressed the Treasury Department to ready sanctions against Kaspersky amid long-standing allegations that the Russian government could exploit Kaspersky's technology to install malicious software on the networks of its customers. But the Biden administration ultimately didn't move forward with the sanctions.

Still, the designation of Kaspersky products as a national security risk prompted MSP platform provider Kaseya to terminate support for its technology, CRN reported last year. In an email to MSPs in April 2022, Kaseya urged any managed service providers still using Kaspersky to switch to an antivirus offering built on technology from Romania-based cybersecurity vendor Bitdefender, according to CRN.

The Russia-Ukraine war has also accelerated Kaspersky's brain drain in North America and Europe. Vice President of Global Marketing Andrew Winton left this month to lead marketing at Dynata, while B2B channel and sales leader Matthew Courchesne left in May 2022 for a similar role at Cyware. Just 158 of Kaspersky's 3,791 employees are based in the U.S. today, and 96 are in the U.K., IT-Harvest found.

Threatpost, an English-language cybersecurity news publication owned by Kaspersky, stopped publishing new content at the end of August 2022.

Kaspersky will likely double down on selling to organizations in nations friendly to Russia as the divide between the world's superpowers deepens. Any future regulatory action against Kaspersky by the Biden administration will only serve to accelerate that trend.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.