The Independent’s journalism is supported by our readers. When you purchase through links on our site, we may earn commission.

Should you keep using Kaspersky? As some governments warn antivirus could be ‘dangerous’, experts are silent

Anti-virus software has been infiltrated in the past and Kaspersky’s company history has led to concerns from governments in the UK and US

Adam Smith
Tuesday 22 March 2022 10:16
Comments
<p>Sam Bird at the Rome ePrix in April</p>

Sam Bird at the Rome ePrix in April

European governments have warned that Kaspersky could potentially be used by the Russian government to hack websites. But as official warnings increase, experts have mostly chosen to remain silent on whether it is safe to keep using the anti-virus company’s products.

Franco Gabrielli, the Italian state undersecretary for security, said last week that the government was working to replace Kaspersky software that state organisations used.

Italy’s cybersecurity agency said there is no evidence that Russian products have been compromised since the invasion of Ukraine on 24 February, but that anti-virus software could be particularly sensitive because of their “high level of invasiveness”.

The German cyber security agency has also claimed that Kaspersky’s anti-virus software could pose a serious risk if it is used by Russian government agents to hack IT systems.

“A Russian IT manufacturer can carry out offensive operations itself, be forced to attack target systems against its will, or be spied on without its knowledge as a victim of a cyber operation, or be misused as a tool for attacks against its own customers,” BSI reportedly said.

“We have received the request from the Italian DPA (GPDP) and are ready to communicate with the agency on any questions or concerns they may have”, Kaspersky said in a comment. It also released a lengthy statement to “address its and other regulators’ concerns”.

Kaspersky offers a range of software including antiviruses, VPNs, ad-blocking, anti-phishing, and more.

Antivirus software generally scans programs and files as they enter the computer, or scans software already on the device.

Kaspersky’s chief executive, Eugene Kaspersky, formerly worked for the Russian military and was educated at a KGB-sponsored technical comments, but the company has denied that it has direct ties with the Russian government.

The Department of Homeland Security issued an order in 2017 that Kaspersky products cannot be used within the US civilian federal government because of “[concerns] about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks.”

One month later, it was alleged that hackers working for the Russian government used Kaspersky software to steal classified material from an National Security Agency contractor, and it was alleged that Russian intelligence used the software to scan computers worldwide.

Kaspersky said the reports were “baseless paranoia” and a “witch hunt”, later stating that it had detected samples and source code from the Equation Group, a threat actor suspected of being connected to the Tailored Access Operations (TAO) unit of the National Security Agency.

With this controversial history, it remains unclear whether the Russian government could or would use Kaspersky software to launch attacks.

“Cyber security firms such as Kaspersky are trusted to have a presence on or around client networks and to process client data. They would therefore be aware of weak points that clients were trying to protect, legacy systems and known vulnerabilities. They open a door into a network, and highlight the best options for disruptive effect”, Paddy McGuinness of cybcersecurity company Venari Security told The Independent.

“This could be done with or without Kaspersky’s knowledge, which either way creates potential risks. If Kaspersky isn’t informed, then it may well intervene when it sees something unexpected. If Kaspersky is informed it increases the risk that an employee will publicise or obstruct it. For example, the Russian Ransomware group Conti was recently torn open in this way.”

Cyber security may become a means to attack, Mr McGuinness also said. Encrypted channels can protect attackers’ command and control technology, and the cloud “invites hard to spot zero day exploits.”

Other cyber experts contacted by The Independent refused to comment on the situation.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

By clicking ‘Create my account’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in