Australia bans government use of Kaspersky software over Russian espionage concerns

Australia has prohibited government officials from using cybersecurity software from the Russian firm Kaspersky Lab, citing concerns over foreign interference, espionage and sabotage.

Under the new directive, government agencies must not install Kaspersky Lab products or web services on official systems and devices, and they must remove any existing instances by April.

“After considering threat and risk analysis, I have determined that the use of Kaspersky Lab products and web services … poses an unacceptable security risk to the Australian government, networks, and data,” Australia’s secretary of the Department of Home Affairs, Stephanie Foster, said in a statement on Friday.

She also warned about Kaspersky’s “extensive collection of user data and exposure of that data to extrajudicial directions from a foreign government that conflict with Australian law.”

Australia is the latest member of the Five Eyes intelligence partnership to announce restrictions on Kaspersky software, joining the United States, the United Kingdom and Canada. 

According to Foster’s statement, some Australian state agencies may seek an exemption for the use of Kaspersky's software, but it should be time-limited and linked to the conduct of “national security or regulatory functions, including compliance and law enforcement functions.”

In a comment to Recorded Future News, a Kaspersky spokesperson said that the company is “disappointed” with Australia’s decision to ban its products on state systems and devices, adding that the directive was issued without “any warning or opportunity for engagement.”

“Kaspersky believes that the decision stems from the current geopolitical climate and was not supported by any technical assessment of the company’s products, which the company has been continuously advocating for,” the spokesperson said.

According to the emailed statement, the allegations cited in the directive “are not based on specific evidence, and no due process has been organized or followed to provide justification.” 

Despite the ban on its software within Australian government systems, Kaspersky said it will continue to serve other customers there.

“We are ready to collaborate with Australian government agencies to address any questions about the security of our products to revise this decision,” the company added.

Earlier in February, Australia also banned the Chinese artificial intelligence startup DeepSeek from all government devices and systems over the "unacceptable risk" it poses to national security.

The US and beyond

The U.S. announced a full ban of Kaspersky products in June, citing longstanding national security and data privacy concerns and a push to better protect critical infrastructure. Soon afterward the company closed down its U.S. operations.

At that time, Kaspersky claimed that the company "does not engage in activities which threaten U.S. national security” and has “made significant contributions with its reporting and protection from a variety of threat actors that targeted U.S. interests and allies."

Despite these reassurances, the U.S. added a dozen executives and senior leaders at Kaspersky to its sanctions list later last year.

Germany warned about Kaspersky use after the Russian invasion of Ukraine. Italy and the Netherlands have taken steps to end its use by government agencies.