We are used to antivirus being programs that are responsible for dealing with different threats that can affect our computers, but according to the German cybersecurity agencies, the next threat would be precisely an antivirus.
The German Federal Cybersecurity Agency (Bundesamt für Sicherheit in der Informationstechnik, or simply BSI) has recommended the removal of the Russian Kaspersky antivirus, as well as the non-installation for new users. In addition, it recommends replacing applications from Kaspersky’s antivirus protection software portfolio with alternative products.
Doubts about the reliability of the manufacturer
On a notice published today, the BSI charges heavily against Kaspersky’s reliability, evidently in relation to the armed conflict following Russia’s invasion of Ukraine. Moscow-based Kaspersky has long been the subject of suspicious rumors in the West about its ownership and loyalty to Russia’s rulers.
Kaspersky Headquarters
“If there are doubts about the reliability of the manufacturer, antivirus protection software poses a particular risk to the IT infrastructure that needs to be protected.”
The BSI anticipates a possible Russian computer attack and the security solution could act against the interests it is supposed to defend.
“The conduct of the Russian military and/or intelligence forces, as well as the threats expressed by the Russian side in the course of the current war against the European Union (EU), NATO and Germany are associated with a considerable risk of a successful computer attack.
Beyond the threats and viruses themselves, antivirus software typically has high-level privileges on Windows systems, maintaining a permanent, encrypted, unverifiable connection to the vendor’s servers for constant virus definition updates.
Germany considers Kaspersky a threat
“A Russian information technology manufacturer may itself carry out offensive operations, be forced against its will to attack target systems, be spied upon without its knowledge as a victim of a cyber operation, or be misused as a tool for attacks against their own clients.”
Suspected government affiliation
Although the war has been the trigger for such measures, the suspicions about Eugene Kaspersky and his company, as well as his government affiliation, are not exactly new.
Kaspersky has long been believed to offer its cybersecurity protection services to Russian state government infrastructures such as the Russian Federation Ministry of Defense, leading to concerns that the company may not be able to remain completely neutral.
Eugene Kaspersky, CEO and co-founder of the security company that bears his surname, has not categorically denied these allegations either, and in your social media post it did not even condemn the invasion of Putin’s troops in Ukraine, which caused considerable discomfort among the users of its information security products.
@e_kaspersky @kaspersky Could you please clarify why is https://t.co/DWEVHSLJYW hosted on your infrastructure and how can people trust you when you are clearly affiliated with the russian gov. pic.twitter.com/sKBpCkv1Jk
– Le̖ͨx͖̯̬͂ͥ̚ċ̐o͎͈ͦͪr͑ – Blankets (@Lexcor1) March 1, 2022
While Mr. Kaspersky may indeed be trustworthy and ethical, as well as a proper professional, he should still comply with Russian laws and regulations, including allowing state agents access to private company databases and could be forced to help Russian intelligence forces conduct cyberattacks or conduct espionage.