Fears of Russian spying prompts Germany to ditch Kaspersky
Updated with a statement from Kaspersky.
Germany's cyber watchdog, BSI, warned against using Kaspersky antivirus amidst Russia's threats against EU and NATO.
BSI recommends exploring virus protection alternatives over fears that Russian-made software, such as Kaspersky, might not be reliable enough.
According to the agency, antivirus software has extensive system authorizations and must maintain a permanent connection to the manufacturer's servers.
"Trust in the reliability and self-protection of a manufacturer as well as its ability to act is crucial for the safe use of such systems. If there are doubts about the reliability of the manufacturer, virus protection software poses a particular risk for the IT infrastructure it is protecting," BSI claims.
Eugene Kaspersky, the creator of the software, refused to condemn Russia's invasion of Ukraine. At the same time, hacktivists and journalists cast doubts on Kasperky's said neutrality.
Recently, Cybernews has learned that Kaspersky Lab is protecting the resources of the Russian Ministry of Defense and other high-value domains that are instrumental to the Russian propaganda machine.
The fears seem somewhat echoed in BSI's recent announcement as the agency claims a Russian IT manufacturer can be forced to partake in an attack against targets in the EU, NATO, and Germany.
"A Russian IT manufacturer can carry out offensive operations itself, be forced to attack target systems against its will, or be spied on without its knowledge as a victim of a cyber operation, or be misused as a tool for attacks against its own customers," BSI said.
The US government banned Kaspersky products from all government departments in 2017. The Justice Department claimed that the company worked on secret projects with Russia's Federal Security Service (FSB).
Kaspersky: war isn’t good for anyone
Reacting to BSI's decision Kaspersky issued a statement claiming the decision was not based on technical assessment of company's products and made on political grounds.
"Kaspersky is a private global cybersecurity company and, as a private company, does not have any ties to the Russian or any other government," the company said.
Kaspersky claims that its data processing infrastructure was relocated to Switzerland in 2018 while files for German users are handled in two data centers located in Zurich.
Both of which, the company claims, were deemed safe by third-party assessments through the SOC 2 Audit conducted by a ‘Big Four’ auditor, and through the ISO27001 certification and recent re-certification by TÜV Austria.
"We believe that peaceful dialogue is the only possible instrument for resolving conflicts. War isn’t good for anyone," the company added.
On the night of February 24, Russian forces invaded Ukraine. The Kremlin dubbed the aggression a 'special operation,' and calling the attack a 'war' can lead to a 15-year sentence.
In light of the attack, the hacker community started rallying to help Ukrainians. With Anonymous being the most prominent one, numerous hacker groups and researchers partake in various campaigns to help Ukraine.
Cyber activists targeted Russian state-controlled media outlets TASS, Kommersant, Izvestia, Fontanka, and RBC, pushing them offline.
The German branch of the Anonymous collective also claims to have stolen 20 terabytes of data from the German arm of Rosneft, Russia's state energy company.
The Kremlin's invasion of Ukraine prompted Western governments to sanction Russia. As a result, numerous IT-related services got blocked or left the Russian market after the invasion began.
According to the United Nations, over 2.8 million people have fled Ukraine to neighboring countries. Thousands of Ukrainian civilians have perished due to Russia's artillery attacks of urban territories.
More from Cybernews:
Subscribe to our newsletter