Remove and replace Kaspersky AV, according to German cyber intelligence – Security



Eugene Kaspesrsky, founder of Kaspersky Lab.

The German Federal Office for Information Security (BSI) has advised users of Kaspersky Antivirus to replace it with alternative security solutions, due to threats against EU and NATO countries in the framework of Russia’s invasion of Ukraine increasing the risk of attacks.

Moscow-based Kaspersky Lab is one of the world’s leading antivirus software vendors, having started operations in 1997.

In 2017, the United States banned government agencies from using Kaspersky products, and the European Union followed suit the following year.

BSI has now extended the advisory to all Kaspersky customers, telling them to replace Russian antivirus with an alternative security product.

However, BSI has warned that customers should not simply disable antivirus without preparation or assessment, as this could lead to Internet-based attacks on their computer systems.

BSI said in its advisory that antivirus software, including cloud-hosted systems, has extended system permissions.

In addition, the software must maintain a permanent, encrypted and unverifiable connection with the servers of its developers, forcing customers to trust security providers to be reliable and guarantee the safe use of these systems.

Due to the software running with elevated system privileges, antivirus poses a particular risk to IT infrastructure, especially with the armed conflict unfolding in Ukraine, BSI said.

“A Russian computer manufacturer can carry out offensive operations itself, be forced to attack target systems against its will, or be spied on without its knowledge as the victim of a cyber operation, or be used as a tool for attacks against its own customers,” the BSI wrote.

In a statement, Kaspersky Lab said BSI’s decision is not based on a technical evaluation of the Russian security vendor’s products, but rather is made on political grounds.

“Kaspersky is a private, global cybersecurity company and, as a private company, has no connection with the Russian government or any other government,” the security vendor said.

The company also highlighted its transparency measures such as the ability for customers to review source code, its external audits and official certifications such as ISO 27001.

Kaspersky has previously categorically denied any clandestine relationship with Russian intelligence agencies and moved its data infrastructure to Switzerland to counter allegations of hacking and spying from Western countries.

iTnews sought additional comments from Kaspersky on BSI’s advice.

About Donald J. Beadle

Check Also

Can collecting cyber intelligence support human rights?

In November 2021, the Biden administration added Israel’s NSO Group to the U.S. Commerce Department’s …