Remove and replace Kaspersky AV, says German cyber intelligence

By on
Remove and replace Kaspersky AV, says German cyber intelligence
Eugene Kaspesrsky, founder of Kaspersky Lab.

Vendor says warning being made "on political grounds".

The German Federal Office for Information Security (BSI) has advised users of Kaspersky Antivirus to replace it with alternative security solutions, due to threats against EU and NATO countries as part of Russia's invasion of Ukraine increasing the risk of attacks.

Moscow headquartered Kaspersky Lab is one of the world's original anti-virus software vendors, having started operations in 1997.

In 2017, the United States banned government agencies from using Kaspersky products, with the European Union following suit the year after.

BSI has now extended the advisory to all Kaspersky customers, telling them to swap out the Russian antivirus with an alternative security product.

However, BSI warned that customers should not just switch off antivirus without preparation and assessment, as this could lead to internet-borne attacks against their IT systems.

BSI said in its advisory that antivirus software, including cloud-hosted systems, has extensive system permissions.

Furthermore, the software must maintain a permanent, encrypted and non-verifiable connection to their developers' servers, requiring customers to trust security vendors to be reliable and ensure the safe use of such systems.

Due to the software running at high system privileges, antivirus poses a special risk for IT infrastructure, especially with the armed conflict taking place in Ukraine, BSI said.

"A Russian IT manufacturer can conduct offensive operations itself, be forced to attack target systems against its own will, or be spied on without its knowledge as a victim of a cyber operation, or be used as a tool for attacks against its own customers," the BSI wrote.

In a statement, Kaspersky Lab said the decision by BSI is not based on a technical assessment of the Russian security vendor's products, but instead is being made on political grounds.

"Kaspersky is a private global cyber security company and, as a private company, does not have any ties to the Russian or any other government," the security vendor said.

The company also pointed to its transparency measures such as allowing customers to review source code, to its external audits and official certifications such as ISO 27001.

Kaspersky has previously emphatically denied any clandestine dealings with Russian intelligence agencies, and had moved its data infrastructure to Switzerland to counter hacking and spying allegations by Western nations. 

iTnews has sought additional comment from Kaspersky on the BSI advisory.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © . All rights reserved.

Most Read Articles

Log In

  |  Forgot your password?