Kaspersky Lab (Wikipedia, By Alexxsun - Own work, CC BY-SA 4.0)
Due to Russian threats against the EU, NATO, and Germany, Germany’s Federal Office for Information Security (BSI) has issued a warning to businesses not to use Kaspersky antivirus products.
Kaspersky is a cybersecurity and antivirus company based in Moscow that was founded in 1997 and has a long history of success, as well as controversy over the company’s possible ties to the Russian government.
Eugene Kaspersky, Kaspersky’s founder, and CEO, recently expressed a desire for “compromise” in regards to Russia’s invasion of Ukraine, which sparked outrage on Twitter, with many criticizing the company’s stance.
Kaspersky is also thought to provide cybersecurity protection to Russian government IT infrastructure, raising concerns that the company will not be able to remain completely neutral.
BSI warns against using Kaspersky
The BSI has issued a warning to German companies to replace Kaspersky Anti-Virus and any other Kaspersky products with non-Russian alternatives.
Antivirus software typically has higher-level privileges on Windows systems, according to the BSI statement, because it maintains a permanent, encrypted, and non-verifiable connection to the vendor’s servers for constant virus definition updates.
Furthermore, because almost all antivirus vendors’ real-time protection can upload suspicious files to remote servers for further analysis, there is concern that antivirus developers could use their software to steal sensitive data.
While Kaspersky is likely to be trustworthy and ethical, it must still follow Russian laws and regulations, which include allowing state agents access to private firm databases.
“The actions of military and/or intelligence forces in Russia and the threats made by Russia against the EU , NATO and the Federal Republic of Germany in the course of the current military conflict are associated with a considerable risk of a successful IT attack. A Russian IT manufacturer can carry out offensive operations itself, be forced to attack target systems against its will, or be spied on without its knowledge as a victim of a cyber operation, or be misused as a tool for attacks against its own customers.”
BSI
To avoid panic moves such as turning off protection without activating a replacement security product, BSI recommends that all organizations first conduct a thorough assessment.
Furthermore, whenever alternative security products are used, a loss of comfort, functionality and even safety is expected, necessitating the creation of a remediation plan to address all of this.
As a result of this warning, German organizations such as the Eintracht football club have stopped using Kaspersky’s services.
BSI’s warning to remove Kaspersky products, on the other hand, Kaspersky believes is a political decision rather than a technical assessment of their products.
We believe this decision is not based on a technical assessment of Kaspersky products – that we continuously advocated for with the BSI and across Europe – but instead is being made on political grounds. We will continue to assure our partners and customers in the quality and integrity of our products, and we will be working with the BSI for clarification on its decision and for the means to address its and other regulators’ concerns.
At Kaspersky, we believe that transparency and the continued implementation of concrete measures to demonstrate our enduring commitment to integrity and trustworthiness to our customers are paramount. Kaspersky is a private global cybersecurity company and, as a private company, does not have any ties to Russian or any other government.
We believe that peaceful dialogue is the only possible instrument for resolving conflicts. War isn’t good for anyone.
Our data processing infrastructure was relocated to Switzerland in 2018: since then, malicious and suspicious files voluntarily shared by users of Kaspersky products in Germany are processed in two data centers in Zurich that provide world-class facilities, in compliance with industry standards, to ensure the highest levels of security. Beyond our cyber threat-related data processing facilities in Switzerland, statistics provided by users to Kaspersky can be processed on the Kaspersky Security Network’s services located in various countries around the world, including Canada and Germany. The security and integrity of our data services and engineering practices have been confirmed by independent third-party assessments: through the SOC 2 Audit conducted by a ‘Big Four’ auditor, and through the ISO 27001 certification and recent re-certification by TÜV Austria.
Kaspersky has set the industry benchmark for digital trust and transparency. Our customers can run a free technical and comprehensive review of our solutions, allowing them to:
- Review our secure software development documentation including threat analysis, secure review, and application security testing processes
- Review the source code of our leading solutions including Kaspersky Internet Security (KIS), our flagship consumer product; Kaspersky Endpoint Security (KES), our flagship enterprise product; and Kaspersky Security Center (KSC), a control console for our enterprise products
- Review all versions of our builds and AV-database updates, as well as the types of information that Kaspersky products send to our cloud-based Kaspersky Security Network (KSN)
- Rebuild the source code to make sure it corresponds to publicly available modules
- Review the results of an external audit of the company’s engineering practices conducted by one of the ‘Big Four’ accounting firms;
- Review the Software Bill of Materials (SBOM) for Kaspersky Internet Security (KIS), Kaspersky Endpoint Security (KES), and Kaspersky Security Center (KSC)
