The Australian government is in talks with the US government over the implications of a ban of the Russian antivirus software company Kaspersky, but no plans are yet in place to follow suit.
Kaspersky has been dropped from the Australian consumer watchdog website Scamwatch’s partner list, however, Guardian Australia has confirmed.
Late last month the Biden administration announced that it would ban the sale of Kaspersky software in the US and prevent the company from providing updates for software already in use.
The commerce department made the ruling after an investigation had found that Moscow-headquartered Kaspersky’s operations in the US “presented a national security risk due to the Russian government’s offensive cyber capabilities and capacity to influence or direct Kaspersky’s operations”.
The US commerce secretary, Gina Raimondo, said the decision was based on the Russian government’s “capability and intent to exploit Russian companies … to collect and weaponise sensitive US information.”
A spokesperson for the Australian home affairs department said while the ban is a sovereign decision for the US, and other countries can make their own assessments and decisions, the government is “closely monitoring the developments in the US on this matter, and the department is proactively engaged with the US government to understand the implications of the determination”.
In 2017, following reports that pointed the finger at Kaspersky for the theft of confidential data from the machine of a US National Security Agency contractor that alerted Russian hackers to the presence of NSA tools, the company denied it was handed to hackers deliberately. In the subsequent years it worked to rebuild trust among non-Russian countries through transparency and independent assessments of its software source code.
At that time, the then secretary of the Department of Prime Minister and Cabinet wrote to departments addressing the risks of Kaspersky but no ban was put in place. This advice was reiterated after the US ban last month.
“The Australian government is committed to keeping Australians safe and secure, and will continue to make appropriate decisions about our security interests as necessary, in accordance with our national interests,” the home affairs spokesperson said.
Australia’s cybersecurity positioning frequently aligns with the US and other Five Eyes countries. Australia banned Chinese telecoms company Huawei before the US and the UK, and ultimately followed other countries in banning TikTok from government devices last year.
Jeremy Kirk, cybercrime analyst at Intel 471, said Kaspersky’s research team had always been highly regarded in the industry and its CEO, Eugene Kaspersky, is a “gregarious, likable figure whose past technical education and association with the KGB and Soviet intelligence was always a point of intrigue”.
But he said Kaspersky’s mother country is a “dangerous adversary that meddles with elections, peddles misinformation and has a very active offensive cyber program aimed at data theft, persistent infections of devices and occasionally destruction”.
The UK and US governments believe Russia’s intelligence agencies already work with cybercriminal groups, and those agencies “would be foolish not to leverage those on the other side as well”, Kirk said.
“That makes the use of [Kaspersky] products and software untenable.”
Kaspersky was contacted for comment. In a statement last month to Agence France-Presse, Kaspersky said the decision was made “based on the present geopolitical climate and theoretical concerns” and vowed to “pursue all legally available options to preserve its current operations and relationships”.
“Kaspersky does not engage in activities which threaten US national security and, in fact, has made significant contributions with its reporting and protection from a variety of threat actors that targeted US interests and allies,” the company said.
Eugene Kaspersky was not sanctioned as part of the ban.
Kaspersky Labs frequently provides advice to parliamentary inquiries and government consultations on cybersecurity matters in Australia, and was listed a partner of the consumer watchdog’s Scamwatch website.
A spokesperson for the Australian Competition and Consumer Commission said that Kaspersky was one of the companies listed as a partner as it had supported and promoted scams awareness week activities in 2023, but was not in the list of entities the regulator will be partnering with for the same week in 2024.
“We will ensure that the ‘Our Partners’ page is updated to reflect this,” the spokesperson said.
In January, the Australian government sanctioned the 33-year-old Russian citizen Aleksandr Gennadievich Ermakov, an IT worker and alleged cybercriminal, in connection with the 2022 Medibank hack. Law enforcement in Australia has previously expressed frustration over difficulty getting Russian counterparts to cooperate with cybersecurity investigations of suspects based in Russia.