On March 15, 2022, Germany’s cyber security authority, the Federal Office for Information Security (BSI), has warned against using anti-virus software from Russian headquartered company Kaspersky.
The BSI recommends replacing applications from the portfolio of anti-virus software from Kaspersky with alternative products.
https://www.bsi.bund.de/DE/Service-Navi/Presse/Pressemitteilungen/Presse2022/220315_Kaspersky-Warnung.html
Who is Kaspersky?
Kaspersky is a major multinational cybersecurity and anti-virus provider; however, since it is based in Moscow, Russia, the BSI has expressed concerns that it may be utilized by the Kremlin.
A Russian IT manufacturer can carry out offensive operations itself, be forced to attack target systems against his will, or be spied on as a victim of a cyber operation without his knowledge or misused as a tool for attacks against its own customers.
https://www.bsi.bund.de/DE/Service-Navi/Presse/Pressemitteilungen/Presse2022/220315_Kaspersky-Warnung.html
Concern about the neutrality of Kaspersky has been expressed before. In fact, in 2017, former U.S. President Donald Trump banned the use of Kaspersky services within the U.S. government.
Reactions
The controversy over Kaspersky has even prompted the German professional football club Eintracht Frankfurt to end a sponsorship deal with the company. The German football club’s CEO Axel Hellmann is quoted as saying:
We have always made it clear that we are attaching the continuation of the partnership with Kaspersky to facts and attitude and not to nationalities. With the warning of the BSI, the facts and thus the confidence in the protection capability of Kaspersky’s products and services has changed significantly. We have informed the management of Kaspersky that we will terminate the sponsorship contract with immediate effect.
https://klub.eintracht.de/news/eintracht-beendet-partnerschaft-mit-kaspersky-140013
Kaspersky’s Response
Eugene Kaspersky, CEO of Kaspersky, denies any allegations of connections with the Russian government and says the BSI’s statement is political rather than based on evidence and facts.
Sources:
- https://www.bsi.bund.de/DE/Service-Navi/Presse/Pressemitteilungen/Presse2022/220315_Kaspersky-Warnung.html
- https://www.bbc.com/news/technology-60738208
- https://www.bloomberg.com/news/articles/2022-03-15/germany-warns-kaspersky-software-risks-being-exploited-by-russia
- https://www.reuters.com/article/us-usa-cyber-kaspersky-idUSKBN1E62V4
- https://klub.eintracht.de/news/eintracht-beendet-partnerschaft-mit-kaspersky-140013
I do kind of question actions like these. From this blog post, along with the linked article regarding the US government, I struggle to see anything cited but “concerns” over the possibility of espionage occurring, which strikes me as somewhat weird since espionage could always be occurring through a multitude of different mechanisms. Reading up more on Germany’s decision, even they essentially cited political, rather than historical reasoning (https://www.computerweekly.com/news/252514679/German-authorities-warn-on-Kaspersky-but-stop-short-of-ban#:~:text=Germany's%20Federal%20Office%20for%20Information,ban%20on%20the%20Russian%20firm.), and even they couldn’t justify a full on ban (which, if there was evidence of confirmed malpractice, would be the obvious solution). While it should not be ignored, I don’t necessarily believe that current political actions in Russia should be used to justify “the potential” for bad things to happen with no evidence.
From a pure cybersecurity perspective, banning Russian software would obviously weaken the sphere by excluding contributions from many people (especially from companies willing to make their code open source, as your linked article noted). While this was not a ban, I don’t think its a healthy step to case doubt on a company due to its nationality of origin. While wariness may be warranted, and no steps made are currently difficult to reverse, I just hope that the future of cybersecurity relies on facts and observed behavior rather than unfalsifiable claims about potential malice.
With the ongoing conflict on the other side of the world, it is important that we do face the reality of what can happen. Given how Putin operates, it would not be a stretch to assume that he can coerce companies into giving him the information that he wants. While it is unfortunate that many people were and are dropping Kaspersky in fear of the software being compromised, I think it is a reasonable measure, especially given today’s circumstances.
I think this will set an interesting precedent going forward. That is, how will sanctions affect software and will there be a divide in software due to politics. We can clearly see that the West primarily uses software developed in the United States and its allies. Whereas in China they have several of their own software that provides the same benefits (WeChat, etc). Now that Russia has transitioned to using Chinese financial systems for some relief it could continue in the futher creating a divide between Western Systems and Chinese Systems, and any other Country looking for their own software monopoly.
https://www.economist.com/finance-and-economics/russia-looks-to-chinese-financial-plumbing-to-keep-money-flowing/21808071
I remember that as a child, my dad would always spend a huge money to get the Kaspersky antivirus subscription each year and the faith my father put on Kaspersky as a globally secured antivirus was huge. I had almost forgotten the name of Kaspersky until I read this blog. Since the world this divided almost into two parts now with the conflict of Russia and Ukraine, I would understand why someone would not want to use a product form a company headquartered in Russia. However, when I researched more on this topic, almost no sources indicated that there were no concrete proof that Kaspersky was spying with their software or exploiting in any illegal means. From my point of view, if someone does not want to use their antivirus because they think it is unethical to use a countries’s software who is in a war they do not support, I can agree on that. But if someone does it by believing something which is not proved, and are just concerns, he/she should confirm if the allegations are true or not, rather than just boycotting it.
It’s a shame how the reputation of the Russian people were so negatively affected by the war caused by its politicians. It sucks that Kaspersky is losing its support due to the location of its headquarters, but I can understand why people would want to be cautious of what a multinational cybersecurity provider is capable of, especially one that is based in the capital of Russia. I hope that once this is all over, our trust in the Russian people can be restored.
This is actually a really interesting development. One of the often overlooked aspects of cybersecurity is the political one. The main idea behind decentralized technologies was to prevent central authorities from manipulating information to their own benefit. When the world seems to be in such an unstable space, it is easy to see how hysteria/paranoia could cause people to be overly cautious. However, I believe the best policy is to assume innocence until proven guilty, as spiralling down into a world where companies are annexed because of where their headquarters are located is not the sort of future I would like to live in.
It’s…understandable and yet unfortunate that Kaspersky is now being blacklisted due to recent events. When I was younger I would actively try to look for Kaspersky as an anti-virus due to it’s reputation and detection rates. However, after 2015 it was discovered to have close ties to the Russian government and the reality is that any IT manufacturer in Russia can carry out offensive operations on the behalf of the FSB, willingly or against it’s will. For current Kaspersky users the silver lining is that it looks like all of their processing is done in Switzerland and not in Russia.
Its understandable the concerns with Kaspersky and Russian products in general with the ongoing situation, but its also quite unfortunate. I recently actually looked into Kaspersky into an anti-virus to use due to the great reputation it seems to have but never committed to it. This is just one of the many unfortunate examples of how the Russian people or businesses might have to suffer but I think the security concerns are reasonable.
I don’t know how to feel about these actions, on one hand it is extremely important to be honest about the possibilities of this service being abused by the Russian government, but on the other hand it may seem like the company is being punished simply for having been formed in the wrong country at the wrong time. It is unfortunate that there might be a chance that this company is needlessly being feared by the company but with the way that the current political situation is at the moment it makes sense to be better safe than sorry.
Very interesting topic, especially the question whether Kaspersky could really be a threat or not is very hard to answer, there are so many political interests and conflicts around that the concern voiced by the BSI could very well be based on a political agenda. On the other hand, the BSI is a government organization and therefore should not have any interest in harming the economic situation of any company, but perhaps lobbyists helped to “form” this opinion. Another option might be that this is part of an unofficial sanction, trying to harm Russian companies to force an end of the war as soon as possible.
Whatever it may be, I think recent events have shown how ruthlessly the Kremlin can act, therefore I would rather be overly cautious than getting in trouble later on – better be safe than sorry!
It seems that the “concern” surrounding Kaspersky may be both politically motivated and further fuelled by the current Russia-Ukraine geo-political tensions. In recent weeks, as Russia has advanced in Ukraine, the world has responded both aggressively and swiftly. Russia’s actions have been deemed as inhumane, and their refusal to halt their attacks has horrified the world, with many countries imposing sanctions, freezing Russian assets, and banning the use of Russian products, and services around the world. The global response has effectively crippled the Russian economy. The notion that Kaspersky is a “threat” is questionable to me, and it seems as though this belief may stem from opposition and anger concerning the recent Russia-Ukraine crisis, as opposed to evidence. It is difficult to definitively determine the threat, if any, that Kaspersky may pose. There are too many political biases that can cloud the certainty of this determination. However, if the distrust that surrounds Kaspersky is not well-founded and instead based upon bias, all it does is negatively impact the company without warrant, which is equally as unethical in my opinion as Kaspersky utilizing its platform for espionage, and spying, among other illicit activity.
This is super interesting! I used to use Kaspersky a few years ago and all reviews pointed to it being really good, especially in its free version. I doubt that Kaspersky, a private entity, is working with the Russian government to spy on its users, but considering the actions the Russian government has been taking recently (legalizing piracy of certain content, legalizing use of trademarks and brandnames by anyone), there’s no guarantee that they are not. Assuming they’re not, this can be considered part of the ongoing sanctions on Russia, and while it is unfortunate that an innocent, uninvolved company is affected by it, the more pressure placed on the country the better.
This is frankly just upsetting. Kaspersky is one of the better anti-virus softwares out there and this seems like a purely political decision. Had this guidance been only intended for government agencies it may appear to be a justified worry. It is exceedingly unlikely that Russia would target German civilians, and in practice all that would do is yield them unimportant information, and if exposed likely leads to Russian products being further alienated, but with actual justification. Cybersecurity is a global concern and cutting out groups that have so far only been good actors will probably not end well.
I don’t know how to feel about this development. On one hand, it is kind of justifiable with current Ukraine-Russia situation, while on the other hand the company is just being punished because of the location of its headquarters. Kaspersky is one of the good anti-virus softwares, and I have also been using it since a few years now. In my opinion, the decision based on this “concern” against Kaspersky is simply a political one.
Kaspersky is one of the well known anti virus company around the world. Since my childhood i have been hearing about this company. This unfortunate what happened to this company although they have been providing great level of service.
Good Post! It is certainly interesting, to say the least, to see the effect that the war in Ukraine has had on Russian businesses and its economy. Sanctions, and Western companies pulling out aside, Russian businesses have taken a massive hit to their trustworthiness. Your blog post sets up whether or not Kasperksy is working with the Russian government to be unknown, but I bet there are a lot of Russian companies that have been (and are going to be) accused of working with the Russian government even when they aren’t (and they’re going to lose a good deal of their business as a result).
Interesting read! The idea that political inclinations can affect the behavior of companies is concerning, especially when one takes into account that companies aren’t a monolithic entity and all it takes is one perpetrator to compromise all the systems using this anti-virus software. A major concern is for anti-viral software that specifically targets rootkits since the anti-viral software will also have root access in-order to target rootkits. It’s always been a given that some of the sketchier anti-viral software has it’s own viruses however the idea that a “safe” anti-virus software could become malicious is a new and concerning.
I had no idea what Kapersky was so it was interesting learning about it. This post shows how we don’t only need to evaluate a company’s security practices before using their software, but we also need to look at the company’s origin and any political stances that may cause them to act unethically.
With the war, there has definitely been a spike in wariness and perhaps paranoia when it comes to dealing with companies based in Russia. For Germany to come out and denounce Kaspersky like this, I hope that the reasoning is backed by plausible evidence. Otherwise, it’ll just be another political maneuver to further reinforce the rift between the western and eastern world, which I feel is not a step in the right direction. Nevertheless, this war has caused catastrophic loss and we should hope that the fighting ceases before it escalates even more. Great post!
When I first saw this post, I thought it was going to talk about malware that poses as the Kaspersky antivirus (like in this video: https://www.youtube.com/watch?v=Suh_7YXlWpE ). However, after reading this, I have to question some the reasoning given for cutting off Kaspersky. It is understandable that there will be hesitance to use Russia-based software due to the ongoing Russian invasion of Ukraine. However, the statement made by Axel Hellmann saying that nationality did not influence their decision to cut contracts with Kaspersky feels unlikely. In times of war, people have to be cautious, but this seems like a move that was made less as an effort to help Ukraine in the war and more as a knee-jerk reaction to the war.
A really interesting post. Do you think that there is any merit to the accusations of Russian government interference with Kaspersky? It might be, as some posters above have mentioned, a knee jerk reaction (especially since this seems like the first that we are hearing of these concerns), but at the same time it may be a credible risk. Also interesting to note the dichotomy where in the United States companies are accused of controlling the government, whereas in Russia the government is accused of controlling the companies.
No surprise that the ongoing conflict affects many businesses located in or related to Russia. Either the fact that they may be involved in political purposes or their ability to ultimate users’ benefits may be limited by Russian governmental rules, people are more cautious to work with them. It is a wise choice to not risk users’ security by terminating the contract with Kaspersky. Many Russian companies were accused of compromising with the Russian government. Regardless of the truth, their businesses are negatively affected by the war.