 |
| Germany warns against using Kaspersky software |
Germany's Federal Office for Information Security (BSI) has warned companies against using Kaspersky's antivirus software, fearing that it could be used for cyber espionage or cyber attacks in the ongoing war from Russia to Ukraine.
Although the bureau has not specifically banned the use of Kaspersky software, the security agency is urging the German group to replace the Moscow-based company's products with alternative software from non-Russian vendors.
The bureau warned that Russian military and intelligence activities in Ukraine, as well as threats against Europe, NATO and Germany, pose a significant risk to the success of cyberattacks.
The Federal Office for Information Security stated: “Russian IT manufacturers can carry out aggressive operations themselves, forcing them to attack targeted systems against their will, monitor them unnoticed as victims of computer operations or misuse them as a tool to attack their customers.”
BSI explains that antivirus programs like Kaspersky have deep access to the system and must maintain a permanent, encrypted, and unverifiable connection to the manufacturer's servers.
Companies, entities and critical infrastructure operators with legitimate security interests are particularly at risk, the statement added.
"If the attack is successful, the ultimate target is likely to be the consumer," BSI said. But they can be victims of collateral or consequential damage.
Germany warns Kaspersky users
The warning issued by the Federal Office for Information Security aims to raise awareness of potential risks. This prompted German organizations such as German football club Eintracht Frankfurt to sever ties with Kaspersky.
A club spokesman said in a statement: "We have informed the Kaspersky management that we will terminate the current sponsorship deal with immediate effect.
The Italian Computer Security Incident Response Team (CSIRT) also urged companies to urgently assess the risks of technology provided by Russian companies with ties to Russia, although it did not specifically mention Kaspersky.
Kaspersky said it believed BSI's decision was not based on a technical evaluation of its products, but on political grounds. We will continue to impress our partners and customers with the quality and safety of our products. We are working with BSI to clarify their decision and address the concerns of other regulators. Kaspersky is a global private cybersecurity company, and as a private company it has no ties to Russia or any other government.
The statement follows similar comments from CEO Eugene Kaspersky, who tweeted earlier this month that he welcomed talks that would lead to a compromise, prompting angry reactions.
A recent law by Russia prohibits journalists from describing the Kremlin's military operations in Ukraine as wars or invasions. However, it is not known whether this applies to Russian companies.
Kaspersky's ties to Russia have long been known, but they have long been disputed. The Trump administration banned government agencies from using Kaspersky's software in 2017, citing concerns about the company's ties to the Russian government.
The following year, the European Parliament passed a resolution that described the security company's plans as harmful because of its ties to Russian intelligence.