The German Federal Office for Information Security (BSI) has warned organizations against using Kaspersky Lab’s anti-virus software because it could be used for cyber espionage or cyberattacks during Russia’s ongoing war in Ukraine.
While the office does not explicitly ban the use of Kaspersky Lab software, the security service is urging German organizations to replace the Moscow-based company’s products with alternative software from non-Russian vendors, warning that Russian military and intelligence activities in Ukraine, as well as threats to Europe, NATO and Germany, mean that there is “significant risk of a successful IT attack”.
“A Russian IT manufacturer can conduct offensive operations itself, force it against its will to attack target systems, or spy without its knowledge as victims of cyber operations or its customers. Antivirus software, such as Kaspersky Lab, has deep access to the system and persistent, encrypted and irreversible connections to the manufacturer’s servers, the BSI said in a statement, should be maintained “Companies and authorities with special security interests and operators of critical infrastructure are at particular risk,” the statement said.
Consumers are likely to be the “ultimate target” in the event of a successful attack, BSI said, but they could be victims of “collateral” damage or proliferation.
The warning, which BSI says is “only intended to inform the public of potential dangers,” is already cutting ties with German entities such as German football club Eintracht Frankfurt, Kaspersky Lab. “We have informed the management of Kaspersky Lab that we are terminating the sponsorship deal immediately,” club spokesman Axel Hellmann said in a press release. “We deeply regret the development.”
The Italian Computer Security Incident Response Team (CSIRT) also urged organizations to urgently evaluate technologies provided by Russian companies or companies associated with Russia, although Kaspersky is not explicitly mentioned.
Kaspersky Lab said it believes that BSI’s decision is not based on a technical assessment of its products, but on political grounds.
“We will continue to reassure our partners and customers of the quality and integrity of our products, and we will work with BSI to clarify our decision and find means to address issues of concern to it and other regulators,” said a Kaspersky Lab spokesman. Francesco Tius. Vanity told Kipa. “Kaspersky is a privately held global cybersecurity company, and as a privately held company, it has nothing to do with the Russian or any other government.
“We believe that peaceful dialogue is the only possible means of resolving conflicts. War does not benefit anyone,” the company said.
The statement follows similar comments from the company’s CEO, Yevgeny Kaspersky, who said earlier this month. tweeted That he welcomes negotiations that will lead to a “compromise” that will provoke an angry backlash. A recent law in Russia prohibits journalists from referring to the Kremlin’s military operation in Ukraine as a “war” or “invasion,” although it’s not clear if this also applies to companies based in Russia.
Kaspersky’s relationship with Russia has long been known, but has long been controversial. In 2017, the Trump administration banned government agencies from using Kaspersky Lab software over concerns about the company’s alleged ties to the Russian government. The following year, the European Parliament passed a resolution classifying the security company’s software as “malicious” because of the company’s alleged ties to Russian intelligence agencies.