More must reconsider Russian anti-virus software use, UK warns
The National Cyber Security Centre has said more organisations should reconsider the risk of using Russian technology, including anti-virus software. But in a blog post published today, it said that for most individual users it is safe to use Kaspersky's software. Germany recently suggested replacing Kaspersky anti-virus. The Russia-headquartered firm said the German warnings were […]

The National Cyber Security Centre has said more organisations should reconsider the risk of using Russian technology, including anti-virus software.

But in a blog post published today, it said that for most individual users it is safe to use Kaspersky's software.

Germany recently suggested replacing Kaspersky anti-virus.

The Russia-headquartered firm said the German warnings were "made on political grounds".

Critical Infrastructure.
In 2017, The UK's National Cyber Security Centre (NCSC) announced it would write to all government departments, warning against using Kaspersky products for systems related to national security.

But in today's blog post, the NCSC's Ian Levy wrote: "We have no evidence that the Russian state intends to suborn Russian commercial products and services to cause damage to UK interests, but the absence of evidence is not evidence of absence."

The centre is now urging more groups to reconsider their use of Russian controlled technology including:

wider public sector organisations that weren't covered by its 2017 guidance
organisations providing services to Ukraine
organisations that if compromised could represent a PR 'win' for Russia
organisations providing services related to critical infrastructure

"We've not seen - and don't expect to see - the massive, global cyber-attacks that some had predicted," the NCSC's Ian Levy says in his blog.

But the Ukraine conflict has changed the balance of risks.

The UK already had advice from a few years back regarding use of products like Kaspersky anti-virus but this was confined to those involved in national security.

German authorities issued a new tougher warning calling for Kaspersky products to be removed after the Ukraine conflict began, raising questions about whether the UK would follow.

And the NCSC started to get phone calls from members of the public worried about turning their laptops on because they ran Kaspersky.

That has now led to a broader warning that a wider range of institutions - like those in critical infrastructure or who might be the targets of Russian retaliation - should think carefully about using any Russian products.

But this new advice still does not apply to the general public - who are not thought to be at direct risk.

2px presentational grey line
German warnings
Earlier in March, Germany's Federal Office for Information Security (BSI) said that against the backdrop of the invasion of Ukraine and threats against Nato and the EU, Russian IT manufacturers could be forced against their will "to attack target systems, or be spied on as a victim of a cyber-operation without its knowledge or as a tool for attacks against its own customers,"

The BSI found no evidence of current problems with Kaspersky products but recommended its anti-virus products were replaced with alternatives - but carefully, to avoid weakening defences.

In response, the firm said the BSI decision was "not based on a technical assessment of Kaspersky products", and as a private global cyber-security company it "does not have any ties to the Russian or any other government".

It added: "The security and integrity of our data services and engineering practices have been confirmed by independent third-party assessments."

But the German warning raised the level of public concern, which the NCSC has sought to address.

"It almost certainly remains the case that nearly all individuals in the UK (and many enterprises) are not going to be targeted by Russian cyber-attack, regardless of whether they use Russian products and services" Mr Levy wrote.

"If your personal laptop uses Kaspersky AV (or other products) it's highly unlikely to be directly targeted…it's safe to turn on and use at the moment."

Leave a Reply

Your email address will not be published. Required fields are marked *