Despite the ban on Kaspersky products in the US they continue to be actively used by US organizations, including by 19 US government entities.
A Bitsight analysis found that 40% of US organizations observed to be using Kaspersky products before the prohibition came into effect on September 29, 2024, still appear to be using the products.
The findings demonstrate that policymakers need effective ways of measuring the current technology usage within their borders amid growing government concern about supply chain risk and the trust of technology providers, Bitsight said.
The analysis was based on Bitsight’s observation of connections/communications between global IP addresses that it attributed to specific organizations and Kaspersky update servers.
Significant Drop in Use of Kaspersky Products
Despite the continued usage of Kaspersky products since the ban, the research did find that it has had a significant impact on the global usage of Kaspersky products.
In April 2024, Bitsight recorded nearly 22,000 global organizations and over seven million unique IP addresses communicating with Kaspersky update servers. By November 30, this fell to around 8000 global organizations and two million unique IP addresses, representing a fall of around two-thirds.
The rate at which the use of Kaspersky products fell between April and November was faster in countries that have not instituted outright bans.
These include Germany (69% drop), the UK (70%) and Italy (65%), which compares to 58% in the US.
Bitsight wrote: “The US government announcement of the prohibition of Kaspersky has clearly impacted the global usage of Kaspersky products, both in the US and internationally. But the data reveals a more complicated story. On the one hand, the ban appears to not have completely eliminated Kaspersky usage in the US by the deadline imposed.”
The firm added: “Equally interesting is the impact that the US ban appears to have on Kaspersky usage in other countries, even in locations that had previously announced their own restrictions and warnings.”
On June 20, 2024, the US Department of Commerce’s Bureau of Industry and Security (BIS) issued a Final Determination prohibiting Kaspersky Lab, Inc., the US subsidiary of the Russian cybersecurity firm, from providing any products or services in the US.
This ban is due to the company’s alleged links to the Russian regime, which US authorities believe poses a national security risk.
Kaspersky denied it was under the influence of the Kremlin and vowed to contest the ban. However, in July the Moscow-based company announced it would be winding down its business operations in the US.
Read now: Recorded Future CEO Calls Russia’s “Undesirable” Listing a “Compliment”
Image credit: Tatiana Belova / Shutterstock.com