US Sanctions Kaspersky Executives After Domestic Cybersecurity Sales Ban

The U.S. did not sanction CEO and founder Eugene Kaspersky.

The United States has blocked members of Russia-based cybersecurity vendor Kaspersky’s leadership from making transactions in the country a day after banning the company from making sales in the U.S.

Twelve individuals associated with Kaspersky have been designated to the Specially Designated Nationals (SDN) list by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC).

OFAC did not add Kaspersky CEO and founder Eugene Kaspersky to the list. The company itself did not receive any sanctions by OFAC.

“Today’s action against the leadership of Kaspersky Lab underscores our commitment to ensure the integrity of our cyber domain and to protect our citizens against malicious cyber threats,” Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson said in a statement Friday. “The United States will take action where necessary to hold accountable those who would seek to facilitate or otherwise enable these activities.”

[RELATED: US To Ban Kaspersky Sales As Cybersecurity Vendor Denies Threat Accusations]

US Sanctions Kaspersky Execs

In an emailed statement to CRN, the cybersecurity vendor called the sanctions “unjustified and baseless” and “based on the present geopolitical climate and theoretical concerns, rather than on a comprehensive evaluation of the integrity of (the) company's products and operations.”

The vendor “will continue to defend ourselves against actions that seek to unfairly harm our reputation and commercial interests,” according to the statement.

“The current step will not affect the company’s resilience as neither Kaspersky nor its subsidiary companies nor its CEO were designated by the OFAC,” according to the company.

The company said that “neither Kaspersky nor its management team has any ties to any government, and we consider the allegations quoted by the OFAC as pure speculation.”

The allegations lack “concrete evidence of a threat posed to the US national security,” and none of the sanctioned Kaspersky executives “have any ties to the Russian military and intelligence authorities or have anything to do with the Russian government’s cyber intelligence objectives,” according to the statement.

“For over 26 years, Kaspersky has succeeded in its mission of building a safer future by protecting over a billion devices,” according to the company statement. “Kaspersky provides industry-leading products and services to customers around the world to protect them from all types of cyber threats, and has repeatedly demonstrated its independence from any government. Additionally, Kaspersky has implemented significant transparency measures that are unmatched by any of its cybersecurity industry peers to demonstrate its enduring commitment to integrity and trustworthiness.”

The company “remains committed to protecting the world from cyberthreats” and looks “forward to what the future holds.”

All of Kaspersky’s overall sales come through indirect channel and alliance relationships, according to CRN’s 2024 Channel Chiefs.

The news comes after the U.S. Department of Commerce banned Kaspersky entities from selling some of its security products in the country, accusing the vendor of “undue and unacceptable risks to U.S. national security and to the security and safety of U.S. persons” as a Russia-based cybersecurity company.

In a statement published Thursday, Kaspersky said that it was “aware of the” Department of Commerce decision and that while sales of its products are banned, users can continue to use them. It “intends to pursue all legally available options to preserve its current operations and relationships.”

The vendor denied engaging “in activities which threaten U.S. national security,” according to the statement. The vendor “has made significant contributions with its reporting and protection from a variety of threat actors that targeted U.S. interests and allies” and “has repeatedly demonstrated its independence from any government,” according to Kaspersky.

The Executives

The 12 Kaspersky executives sanctioned by the U.S. range from the chief business development officer to the chief human resources (HR) officer and a managing director of Russia and the Commonwealth of Independent States (CIS) – a group of countries in Europe and Asia including Russia, Belarus and Uzbekistan.

All are Russian nationals and range in age from 33 to 66. Two of them – Andrey Petrovich Dukhvalov and Kirill Aleksandrovich Astrakhan – were born in Ukraine, which has been the site of an ongoing war with Russia.

Two of the individuals – Andrei Gennadyevich Tikhonov and Igor Gennadyevich Chekunov – have been accused by U.S. media companies in the past of ties to the Soviet Union-era intelligence agency the KGB.

A 2018 BuzzFeed article and 2017 ABC News article said that Tikhonov, 57 – now a member of the boards of directors of various Kaspersky entities and chief operating officer (COO) since 2012 – attained the rank of lieutenant colonel in the Russian military intelligence service.

A 2017 Guardian article, 2017 Bloomberg article and the 2018 BuzzFeed article accuse Chekunov, 58 – member of the boards of directors of various Kaspersky entities and chief legal officer (CLO) – of being a former KGB officer.

BuzzFeed and Bloomberg also alleged that Chekunov was Kaspersky’s liaison to the KGB’s successor organization, the FSB, and BuzzFeed detailed an incident where Chekunov helped save the son of Eugene Kaspersky from kidnappers.

A 2018 online post by Kaspersky addressed the accusations by saying that “Igor Chekunov did his compulsory military service at the State Border Service, which back in those times was a branch of the KGB, and Andrey Tikhonov worked in a research institution that was related to the Ministry of Defense, but not the KGB.”

CEO and founder Eugene Kaspersky “graduated from the cryptographic high school of the KGB, which is now named the Institute of Cryptography, Communications and Informatics; however, he never served in the KGB (or the FSB, for that matter),” according to the online post by the vendor. “It’s also important to note that Eugene grew up in the Soviet era, when almost every educational opportunity was sponsored by the government in some manner.”

The post continued: “Kaspersky, Chekunov, and Tikhonov have been with the company for ages, since it was a small start-up in the very niche area of ‘antivirus security.’ That was 10 to 15 years before cybersecurity went mainstream, and it was of no interest to the Kremlin, or Lubyanka, or anyone else in that realm. It would be weird (and flat-out wrong) to assume these executives were introduced into the company’s top management to give Russian spies leverage in Kaspersky Lab’s actions.”

A profile of Tikhonov removed from Kaspersky’s website said that he previously worked as “head of the Novell development department from 2002 following a successful period as a project manager.”

A profile of Chekunov removed from Kaspersky’s website said that he “has a Ph.D. in Law from the Moscow University of the Ministry of Internal Affairs of the Russian Federation” and “held a number of positions with the Ministries of Internal Affairs, Industry, Oil and Energy, and Transport of the Russian Federation” before joining Kaspersky in 1998.

Other sanctioned individuals include:

The Sanctions

As part of the sanctions imposed on the Kaspersky executives, they can’t give or receive funds, goods or services in the U.S. The Treasury Department also notes that “foreign financial institutions that conduct or facilitate significant transactions or provide any service involving Russia’s military-industrial base run the risk of being sanctioned by OFAC.”

The Treasury Department in its statement Friday said that sanctions are not meant “to punish, but to bring about a positive change in behavior,” and that people on the list can get off of it.

The U.S. has taken other steps this year in addressing international cybersecurity concerns. In March, the Department of Treasury added a group of Chinese nationals to its SDN list, accusing them of a 14-year cyberattack campaign that included attacks on MSPs.