Intensifying Sanctions on Kaspersky Executives: A Comprehensive Analysis of U.S. Strategic Cybersecurity Measures

In a notable escalation of its cybersecurity and geopolitical strategies, the United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions on twelve senior executives from Kaspersky Lab. This move, announced on June 7, 2024, follows a broader pattern of actions taken against Russian entities in response to concerns about cybersecurity threats and national security risks. This article delves into the intricate details of these sanctions, the historical context, the broader geopolitical implications, and the multifaceted responses from various stakeholders. It also explores the potential impacts on the global cybersecurity landscape, providing a comprehensive analysis of the current situation.

Background of Kaspersky Lab

Kaspersky Lab, founded in 1997 by Eugene Kaspersky, is a multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia. Over the years, it has established itself as a leading player in the cybersecurity industry, offering a range of products and services designed to protect against malware, hackers, and cyber threats. Despite its technical prowess and widespread adoption, Kaspersky Lab has been a subject of controversy, particularly concerning its alleged ties to the Russian government.

The scrutiny intensified in 2017 when the U.S. Department of Homeland Security (DHS) issued a directive instructing federal agencies to remove Kaspersky products from their systems. This directive was based on concerns that the Russian government could exploit the company’s software for espionage purposes. Subsequently, the National Defense Authorization Act for Fiscal Year 2018 included provisions prohibiting the use of Kaspersky products in federal contracts, further solidifying the U.S. government’s stance on the matter.

Details of the Sanctions

The latest sanctions, imposed on June 7, 2024, target twelve senior executives of Kaspersky Lab. These individuals hold critical positions within the company, influencing its strategic and operational decisions. The sanctioned executives are:

All the individuals below were designated pursuant to E.O. 14024 for operating in the technology sector of the Russian Federation economy.

  • Andrei Gennadyevich Tikhonov (Tikhonov) is a member of the boards of directors of Kaspersky Lab, its parent organization OOO Kaspersky Group (Kaspersky Group), as well as the United Kingdom-based holding company Kaspersky Limited. Since January 2012, Tikhonov has served as Kaspersky Lab’s Chief Operating Officer (COO), a position that is responsible for the global administrative functions of the company. The COO is a member of Kaspersky Lab’s Executive Team and is directly subordinate to the company’s Chief Executive Officer (CEO). 
  • Daniil Sergeyevich Borshchev (Borshchev) is a member of the boards of directors of Kaspersky Lab, Kaspersky Group, and Kaspersky Limited. In March 2017, he was appointed Kaspersky Lab’s Deputy CEO of Strategy and Economics, which is responsible for long term economic strategic issues, developing the company’s global economic landscape, and internal audits. The Deputy CEO of Strategy and Economics is a member of the company’s Executive Team, which is directly subordinate to the CEO. Borshchev has also served as Kaspersky Lab’s Chief Financial Officer (CFO) and Deputy CFO. 
  • Andrei Anatolyevich Efremov (Efremov) is a member of the boards of directors of Kaspersky Lab and Kaspersky Group and is also the company’s Chief Business Development Officer (CBDO). The CBDO is responsible for the technological development and business results of Kaspersky Lab, and is a member of the company’s Executive Team, which is directly subordinate to the CEO. 
  • Igor Gennadyevich Chekunov (Chekunov) is a member of the boards of directors of Kaspersky Lab and Kaspersky Group and is the company’s Chief Legal Officer (CLO). The CLO is responsible for the legal oversight of all the company’s activities, and certain departments, such as the Computer Incidents Investigation, Security, and Intellectual Property Control, operate under the CLO’s leadership. The CLO is also a member of Kaspersky Lab’s Executive Team and is directly subordinate to the CEO. 
  • Andrey Petrovich Dukhvalov (Dukhvalov) is Kaspersky Lab’s Vice President and Director of Future Technologies. The Vice President is a member of the company’s Executive Team and is directly subordinate to the CEO. 
  • Andrei Anatolyevich Suvorov (Suvorov) is Kaspersky Lab’s Head of Kaspersky Operating System Business Unit, a role which is a member of the company’s Executive Team and is directly subordinate to the CEO. 
  • Denis Vladimirovich Zenkin (Zenkin) is Kaspersky Lab’s Head of Corporate Communications, a role which is a member of the company’s Executive Team and directly subordinate to the CEO.
  • Marina Mikhaylovna Alekseeva (Alekseeva) is Kaspersky Lab’s Chief Human Resources (HR) Officer (CHRO), a role which is a member of the Executive Team and directly subordinate to the COO. As CHRO, Alekseeva is responsible for Kaspersky Lab’s HR strategy on a global level and overseeing “Kaspersky Academy,” which provides training for the company’s employees, customers, and partners. 
  • Mikhail Yuryevich Gerber (Gerber) is Kaspersky Lab’s Executive Vice President of Consumer Business, a role that is part of the company’s Executive Team and is directly subordinate to the CBDO. He is responsible for the development of Kaspersky Lab’s business-to-consumer products on several operating systems.
  • Anton Mikhaylovich Ivanov (Ivanov) heads Kaspersky Lab’s research and development department as the company’s Chief Technology Officer (CTO). The CTO is part of the company’s Executive Team, directly subordinate to the CBDO. 
  • Kirill Aleksandrovich Astrakhan (Astrakhan) is Kaspersky Lab’s Executive Vice President for Corporate Business, a position which is part of the company’s Executive Team and subordinate to the CBDO. In this role, Astrakhan is responsible for leading the development and growth of the company’s corporate sales. 
  • Anna Vladimirovna Kulashova (Kulashova) is Kaspersky Lab’s Managing Director for Russia and the Commonwealth of Independent States (CIS), a position that is part of the company’s senior leadership team and is directly subordinate to the Executive Vice President for Corporate Business. Kulashova is responsible for developing the direction of corporate sales and strengthening the company’s position in the field of protection against complex cyber threats in Russia and CIS countries. 
  • Tikhonov, Borshchev, Efremov, Chekunov, Dukhvalov, Suvorov, Zenkin, Alekseeva, Gerber, Ivanov, Astrakhan, and Kulashova are designated pursuant to E.O. 14024 for operating or having operated in the technology sector of the Russian Federation economy.

OFAC has not designated Kaspersky Lab, its parent or subsidiary companies, or its CEO.

These sanctions effectively freeze any assets these individuals may have under U.S. jurisdiction and prohibit U.S. persons from engaging in transactions with them. The intent is to disrupt Kaspersky Lab’s ability to operate freely and mitigate any potential cyber threats originating from its activities.

Broader Geopolitical Context

The sanctions on Kaspersky executives are part of a broader strategy employed by the United States to counter Russian influence and aggression. This strategy includes a range of economic and political measures aimed at weakening Russia’s geopolitical power and curbing its ability to engage in activities that threaten U.S. national security and international stability.

One significant aspect of this strategy is the systematic targeting of key sectors within the Russian economy, including financial institutions, energy companies, and technology firms. For instance, the U.S. has imposed extensive sanctions on Russian banks like Sberbank and VTB, which play crucial roles in the country’s financial system. These sanctions aim to cripple Russia’s economic capabilities by restricting access to international markets and financial systems.

In addition to targeting economic sectors, the U.S. has also focused on individuals and entities involved in Russia’s military and intelligence operations. This includes sanctions on oligarchs and businessmen with close ties to the Kremlin, such as Alisher Usmanov, a billionaire with significant interests in various sectors of the Russian economy. By targeting these individuals, the U.S. seeks to disrupt the financial networks that support Russia’s strategic objectives, including its ongoing military operations in Ukraine.

Responses from Stakeholders

The Kremlin has vehemently opposed the U.S. sanctions, describing them as a tactic to eliminate competition and undermine Russian businesses. Kremlin spokesman Dmitry Peskov has consistently argued that these measures are part of a broader strategy by the U.S. to maintain its technological and economic supremacy by stifling foreign competition. Kaspersky Lab, for its part, has maintained that it operates independently of the Russian government and has no ties to state intelligence agencies.

In response to the sanctions, Kaspersky Lab has announced its intention to explore legal options to challenge the U.S. government’s decisions. The company argues that the sanctions are based on unsubstantiated allegations and lack a thorough evaluation of its products and services. Kaspersky Lab has also emphasized its commitment to transparency and security, highlighting its efforts to undergo independent audits and evaluations to reassure customers and stakeholders of its integrity and reliability.

Impact on the Global Cybersecurity Landscape

The sanctions on Kaspersky executives have significant implications for the global cybersecurity landscape. Firstly, they highlight the increasing role of cybersecurity in international relations and the importance of securing critical infrastructure against potential cyber threats. The U.S. actions serve as a warning to other countries and companies about the potential risks of engaging with entities that may have connections to adversarial governments.

Secondly, the sanctions could lead to a reevaluation of cybersecurity partnerships and supply chains worldwide. Companies and governments may need to reassess their reliance on foreign cybersecurity providers and seek alternative solutions to mitigate risks. This could spur innovation and competition in the cybersecurity industry, as new players emerge to fill the void left by restricted entities like Kaspersky Lab.

Moreover, the sanctions underscore the need for robust international frameworks to address cybersecurity challenges. As cyber threats become more sophisticated and pervasive, collaboration among nations is essential to develop effective strategies and policies to safeguard critical infrastructure and protect against malicious activities. This includes sharing intelligence, coordinating responses to cyber incidents, and establishing norms and standards for responsible behavior in cyberspace.

In conclusion, the sanctions imposed on Kaspersky executives represent a critical step in the U.S. strategy to enhance its cybersecurity posture and counter perceived threats from Russian entities. While the immediate impact is on the individuals sanctioned, the broader implications extend to the global cybersecurity landscape and international relations. The situation underscores the complexity and significance of cybersecurity in contemporary geopolitics and highlights the need for continued vigilance and cooperation to address emerging threats.

As the situation evolves, it will be crucial to monitor the responses from Kaspersky Lab, the Russian government, and other international stakeholders. The outcomes of these sanctions will likely influence future policies and actions in the realm of cybersecurity and international security, shaping the strategies and approaches of nations in their efforts to protect their digital domains and maintain global stability.


APPENDIX 1 – How Israel Caught Russian Hackers Scouring the World for American Secrets

On October 10, 2017, a sophisticated cyber espionage drama unfolded, revealing a complex web of international intrigue involving Israeli intelligence, Russian hackers, and American secrets. This extraordinary event exposed the lengths to which state actors would go to infiltrate and exploit global cyber networks. Israeli intelligence officers, leveraging their advanced cyber capabilities, managed to watch in real-time as Russian government hackers scoured computers around the world, searching for code names of American intelligence programs. This unprecedented breach had far-reaching implications for global cybersecurity and international relations.

The Discovery and the Spy Network

Israeli intelligence operatives had been monitoring the network of Kaspersky Lab, a Russian cybersecurity firm, when they stumbled upon a shocking discovery. They observed Russian hackers utilizing Kaspersky’s antivirus software as a tool to gain access to sensitive information stored on computers globally. This surveillance was not just a simple hacking attempt; it was a meticulously planned operation designed to exploit the extensive reach of Kaspersky’s software, which was used by approximately 400 million people worldwide, including officials from about two dozen American government agencies.

The Israeli officials, having hacked into Kaspersky’s network, alerted the United States to this extensive Russian intrusion. This notification led to a significant decision by the U.S. government to remove Kaspersky software from all government computers, citing severe cybersecurity risks.

The Russian Hacking Operation

The operation conducted by the Russian hackers was sophisticated and alarming in its scope. It involved the theft of classified documents from a National Security Agency (NSA) employee who had improperly stored these documents on his home computer. This computer had Kaspersky antivirus software installed, which inadvertently provided a gateway for the hackers to access sensitive information. The extent of the American secrets collected by the Russian hackers remains undisclosed, but the implications of using Kaspersky software as a tool for cyber espionage were profound.

The Role of Kaspersky Lab

Kaspersky Lab, founded by Eugene V. Kaspersky, had long been a subject of speculation regarding its potential ties to Russian intelligence. The company’s antivirus software, like most security software, required access to everything stored on a computer to scan for viruses and other malicious activities. This level of access provided a perfect tool for Russian intelligence to exploit, enabling them to examine the contents of computers and extract any information of interest.

Kaspersky Lab has consistently denied any involvement in or knowledge of the Russian hacking activities. In a statement, the company asserted, “Kaspersky Lab has never helped, nor will it help, any government in the world with its cyber espionage efforts.” The company also requested any relevant and verifiable information to initiate an internal investigation into the allegations.

The U.S. Government’s Response

In response to the revelations, the Department of Homeland Security (DHS) issued a directive on September 13, ordering all federal executive agencies to cease using Kaspersky products within 90 days. This directive was based on the substantial information security risks posed by Kaspersky’s software. Acting DHS Secretary Elaine C. Duke emphasized the broad access provided by Kaspersky products and the potential exploitation by malicious cyber actors to compromise federal information systems.

This directive was not an isolated action but the culmination of months of intelligence discussions and analysis following the Israeli breach into Kaspersky’s systems. The intelligence community had long harbored concerns about the potential risks associated with Kaspersky’s software, given its significant market share in the United States and Western Europe.

The Israeli Intelligence Operation

Israeli intelligence had infiltrated Kaspersky’s corporate systems as early as 2014, uncovering a network of backdoors planted by Russian hackers. This intrusion provided Israeli operatives with invaluable insights into the methods and tools used by the Russians. The sophistication of the tools and techniques employed in the attack bore striking similarities to those used in previous high-profile cyber operations, such as the Stuxnet cyberweapon, which was a joint American-Israeli effort.

In June 2015, Kaspersky published a report detailing the breach, referring to it as “Duqu 2.0,” an evolution of the Duqu attack attributed to nation-states. The report highlighted that the attackers had evaded detection for months, indicating a high level of sophistication in their methods.

Implications for Global Cybersecurity

The revelation of this breach underscored the vulnerabilities inherent in widely used security software. It also highlighted the lengths to which state-sponsored hackers would go to infiltrate and exploit these vulnerabilities. The use of Kaspersky’s software by Russian hackers as a global search tool for American intelligence information represented a significant escalation in cyber espionage tactics.

The Broader Context of Cyber Espionage

The Kaspersky-related breach was one among several high-profile incidents that exposed the fragility of cybersecurity in the digital age. It followed the devastating leak of NSA hacking tools by a group known as the Shadow Brokers and the publication of CIA hacking data by WikiLeaks under the Vault 7 series. These incidents collectively pointed to systemic issues within the cybersecurity frameworks of even the most advanced intelligence agencies.

The Future of Cybersecurity

In light of these events, the future of cybersecurity appeared more precarious than ever. The infiltration of Kaspersky’s systems by Israeli intelligence, followed by the exposure of Russian cyber espionage activities, signaled a need for a reevaluation of global cybersecurity strategies. It also raised questions about the trustworthiness of security software providers, especially those based in countries with adversarial relationships.


APPENDIX 2 – Sanctions Implications

  1. Blocked Property and Interests:
    • All property and interests of designated persons within the U.S. or controlled by U.S. persons are blocked.
    • Entities directly or indirectly owned 50% or more by blocked persons are also blocked.
    • Reporting to OFAC is mandatory for such blocked property and interests.
    • Transactions by U.S. persons involving blocked property are generally prohibited unless authorized by OFAC.
  2. Transactions and Prohibitions:
    • OFAC regulations prohibit U.S. persons from making or receiving contributions, funds, goods, or services from blocked persons.
    • This includes foreign financial institutions that facilitate significant transactions or provide services to Russia’s military-industrial base, risking sanctions by OFAC.
  3. OFAC’s Enforcement and Compliance:
    • The integrity of OFAC sanctions is maintained through the SDN List, which includes persons and entities subject to sanctions.
    • OFAC provides the option for persons to petition for removal from the SDN List under specific regulations.
  4. Foreign Financial Institutions:
    • OFAC has issued guidance targeting support to Russia’s military-industrial base.
    • Significant transactions by foreign financial institutions involving Russia’s military could result in sanctions.
  5. Technical and Reporting Requirements:
    • Amendments to OFAC’s reporting procedures now require using the OFAC Reporting System (ORS) for filing reports on blocked property.
    • Annual reports on blocked property must conform to the new requirements by September 30, 2024.
  6. Interim Final Rule Changes:
    • The statute of limitations for sanctions violations has been extended to ten years, affecting record retention policies.
    • Firms need to update their due diligence processes, especially in transactions involving potential sanctions risks.

Detailed Scheme Table

| Category | Details |
|---|---|
| Blocked Property | Property and interests of designated persons in the U.S. are blocked and must be reported to OFAC. |
| Entities Ownership Rule | Entities 50% or more owned by blocked persons are also blocked. |
| Transaction Prohibitions | Prohibits contributions, funds, goods, or services involving blocked persons. |
| Foreign Financial Institutions | Risk sanctions if they conduct significant transactions with Russia’s military-industrial base. |
| Reporting Requirements | Mandatory reporting to OFAC for blocked transactions and property. |
| Statute of Limitations | Extended to ten years for sanctions violations, affecting record retention. |
| Compliance | Firms must comply with new reporting procedures and update sanctions compliance policies. |
| SDN List | List of persons and entities subject to OFAC sanctions, with options for removal petitions. |
| ORS System | Use mandatory for filing annual blocked property reports by September 30, 2024. |
| Guidance and Advisories | Regular updates and advisories provided by OFAC, including specific FAQs and detailed guidance for foreign financial institutions. |

APPENDIX 3 – SPECIALLY DESIGNATED NATIONALS LIST UPDATE

The following individuals have been added to OFAC’s SDN List: 

| Name | Aliases | Cyrillic | Location | DOB | POB | Nationality | Gender | Sanctions Risk | Passport | National ID | Tax ID | Category | EO |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ALEKSEEVA, Marina Mikhaylovna | ALEKSEEVA, Marina; ALEKSEYEVA, Marina Mikhaylovna | АЛЕКСЕЕВА, Марина | Moscow, Russia | 15 Jun 1978 | St. Petersburg, Russia | Russia | Female | Secondary sanctions risk: See Section 11 of Executive Order 14024. | 726049373 (Russia) | 4004291086 (Russia) | | individual | [RUSSIA-EO14024] |
| ASTRAKHAN, Kirill Aleksandrovich | ASTRAKHAN, Kirill | АСТРАХАНЬ, Кирилл | Moscow, Russia | 17 Nov 1987 | Donetsk, Ukraine | Russia | Male | Secondary sanctions risk: See Section 11 of Executive Order 14024. | 721242410 (Russia) | | | individual | [RUSSIA-EO14024] |
| BORSHCHEV, Daniil Sergeyevich | BORSCHEV, Daniil; BORSHCHEV, Daniil | БОРЩЕВ, Даниил | Moscow, Russia | 04 Dec 1975 | Barnaul, Russia | Russia | Male | Secondary sanctions risk: See Section 11 of Executive Order 14024. | 530309650 (Russia) | | | individual | [RUSSIA-EO14024] |
| CHEKUNOV, Igor Gennadyevich | CHEKUNOV, Igor | ЧЕКУНОВ, Игорь | Russia | 27 Mar 1966 | | Russia | Male | Secondary sanctions risk: See Section 11 of Executive Order 14024. | 530176384 (Russia) | | | individual | [RUSSIA-EO14024] |
| DUKHVALOV, Andrey Petrovich | DOUKHVALOV, Andrey | | Moscow, Russia | 03 Dec 1957 | Kharkov, Ukraine | Russia | Male | Secondary sanctions risk: See Section 11 of Executive Order 14024. | 531133295 (Russia) | | | individual | [RUSSIA-EO14024] |
| EFREMOV, Andrei Anatolyevich | EFREMOV, Andrey | ЕФРЕМОВ, Андрей | Moscow, Russia | 06 Sep 1978 | Moscow, Russia | Russia | Male | Secondary sanctions risk: See Section 11 of Executive Order 14024. | 530144516 (Russia) | | 772642282067 (Russia) | individual | [RUSSIA-EO14024] |
| GERBER, Mikhail Yuryevich | GERBER, Mikhail | ГЕРБЕР, Михаил | Moscow, Russia | 25 Jan 1983 | Izhevsk, Russia | Russia | Male | Secondary sanctions risk: See Section 11 of Executive Order 14024. | 530012175 (Russia) | | 183509230133 (Russia) | individual | [RUSSIA-EO14024] |
| IVANOV, Anton Mikhaylovich | IVANOV, Anton; IVANOV, Anton Mihaylovich | ИВАНОВ, Антон | Moscow, Russia | 26 Jan 1990 | Moscow, Russia | Russia | Male | Secondary sanctions risk: See Section 11 of Executive Order 14024. | 726716892 (Russia) | 4510584386 (Russia) | | individual | [RUSSIA-EO14024] |
| KULASHOVA, Anna Vladimirovna | DUDORINA, Anna; KULASHOVA, Anna | КУЛАШОВА, Анна | Moscow, Russia | 29 Apr 1971 | Dmitrov, Russia | Russia | Female | Secondary sanctions risk: See Section 11 of Executive Order 14024. | 727209099 (Russia) | 4516724548 (Russia) | | individual | [RUSSIA-EO14024] |
| SUVOROV, Andrei Anatolyevich | SUVOROV, Andrey | | Moscow, Russia | 12 Oct 1967 | Togliatti, Russia | Russia | Male | Secondary sanctions risk: See Section 11 of Executive Order 14024. | 727372914 (Russia) | | 502402592883 (Russia) | individual | [RUSSIA-EO14024] |
| TIKHONOV, Andrei Gennadyevich | TIKHONOV, Andrey | ТИХОНОВ, Андрей | Moscow, Russia | 09 Nov 1966 | Tver, Russia | Russia | Male | Secondary sanctions risk: See Section 11 of Executive Order 14024. | 530193947 (Russia) | 4511483349 (Russia) | 774334095919 (Russia) | individual | [RUSSIA-EO14024] |
| ZENKIN, Denis Vladimirovich | | ЗЕНКИН, Денис Владимирович | Kaliningrad, Russia | 02 Sep 1974 | Moscow, Russia | Russia | Male | Secondary sanctions risk: See Section 11 of Executive Order 14024. | 530425561 (Russia) | | | individual | [RUSSIA-EO14024] |

Copyright of debuglies.com
Even partial reproduction of the contents is not permitted without prior authorization – Reproduction reserved