Better safe than sorry over Kaspersky risk
Concerns about the safety of Kaspersky’s anti-virus software continue to circulate so it’s a good idea to think about switching to another provider.
On-going coverage of the issue in the media has stoked fears that using the company’s software might open up any business or individual to some kind of cyber-attack. Kaspersky Lab denies any wrong-doing but suggestions that the company assisted Russia’s spies refuse to dissipate.
UK Members of Parliament and security experts have now called for a blanket ban on the software. That’s more than a month after the UK’s National Cyber Security Centre (NCSC) issued a warning based on risk analysis rather than hard evidence.
The warning was directed at government departments that use Kaspersky’s software for systems that support national security. However, non-government organisations are also taking heed of the warning.
The NCSC’s concerns are clearly not pure hysteria. Last year, Bloomberg reported on emails that were written in 2009 where Kaspersky’s staff were directed to work on a secret project requested by the “Lubyanka side”. Lubyanka is a reference to the Moscow office of the Federal Security Service and commonly referred to as the FSB whilst also successor to the KGB.
According to Bloomberg, Russian law requires service providers like Kaspersky to install communications interception equipment that allows the FSB to monitor all of a company’s data transmissions. And while Eugene Kaspersky denies his software contains a backdoor code that deliberately allows access to vulnerable information, a backdoor code isn’t really necessary says Bloomberg. Simply installing the software on your computer is an access pass to every corner of your network.
Bank takes action
UK government officials stressed they aren’t telling companies or members of the public to stop using the software but the loss of confidence has already started to have wider repercussions. Barclays Bank emailed 290,000 customers to announce it would no longer be offering free Kaspersky software describing the move as a “precautionary decision”.
Gary Jowett from CNC in Brighton says: “We’ve never sold Kaspersky software but we’re advising customers who have it installed to change to Symantec Anti-Virus instead. The NCSC’s warning could affect procurement decisions made by local and national government and have an impact on businesses in Sussex and across the South East of England. Even if there’s no real risk, the continued poor perception of the anti-virus software means it’s a wise move to switch provider.”