In Germany, the agency responsible for cybersecurity displays an unprecedented distrust of Kaspersky. Antivirus software of Russian origin could be used for computer attacks. Its replacement should be considered.
This is a blow for Kaspersky. The Russian publisher of the famous antivirus has just been the subject of an unfavorable opinion from the BSI, this Tuesday, March 15. The BSI is responsible in Germany for the security of information systems. It is equivalent in France to Anssi (National Agency for the Security of Information Systems), which provides cyber defense for operators of vital importance.
The BSI “ warns against using anti-virus software from the Russian publisher Kaspersky. BSI recommends replacing applications from Kaspersky’s enterprise antivirus software portfolio with alternative products “, can we read from the introduction of the note. This does not mention any particular incident, but gives an overview of the risks.
The geopolitical context encourages a certain mistrust: the BSI observes that Russia has been threatening against NATO and the European Union, which are two organizations to which Germany belongs, in recent weeks. Moscow has also sent warnings, including to Berlin, given the sanctions that have been imposed and the support given to kyiv.
The threat of a cyber attack therefore looms, with or without the support of Kaspersky. ” A Russian computer manufacturer can itself carry out offensive operations, be forced to attack target systems against its will, or itself be the victim of an unwitting cyber operation, spied on or used as a tool to attack its own clients », Notes the BSI.
The position taken by the German agency is remarkable, because it clearly reflects a change in tone and assessment compared to these previous analyses. We remember that in 2017, she considered with great caution the accusations that Kaspersky had been used as a Trojan horse to steal NSA tools.
The BSI does not, however, call for an immediate uninstallation of Kaspersky software – especially if no fallback solution is provided beforehand. It might be even worse to have no security software left in your computer system. The remedy would then be worse than the disease, because we would then be exposed to all online threats.
For the BSI, the best remains “ carry out an individual assessment and weigh the pros and cons of the current situation “. In short, the opinion of the German agency is similar to the French recommendations. If there is no proven threat, it may still be time to consider switching to another solution – preferably French, European or American.
For Kaspersky, unfounded fears
Anssi’s update on Kaspersky provoked an official reaction from the Russian company at the beginning of March, which pointed out, among other things, that its network of servers is scattered around the world ( Germany, Canada, China, Switzerland…) for “ ensure business continuity “. And, therefore, updates.
Cross sanctions between the West and Russia raise fears that a company like Kaspersky may no longer be able to deliver its updates at some point. But the company insists that its global infrastructure “ allows uninterrupted operation » of its solutions, in particular its platform « that processes data related to cybersecurity. »
” In particular, data voluntarily transmitted […] by users of Kaspersky products in Europe for automated analysis of malicious code are sent only to dedicated servers located in Europe adds the company, which insists on respecting its obligations, whether in terms of product delivery or assistance.
In short, Kaspersky considers that it “is not affected” by the situation and that the risks formulated in recent weeks are caused more by political considerations than by technical elements – as proof, Kaspersky offered by the past that experts examine its source code, and has moved data from Russia to Switzerland.
The trajectory of Kaspersky in the West is in any case very different from that which we are beginning to see emerging with certain Western antiviruses in Russia. Since the start of the invasion of Ukraine, rival companies from Eastern European countries have announced their withdrawal from Russia. This is the case of Eset and Avast, two renowned companies in cybersecurity.