Threat Watch

Germany Issues Hacking Warning for Users of Russian Anti-Virus Software Kaspersky

Germany’s cyber security agency on Tuesday warned users of an anti-virus software developed by Moscow-based Kaspersky Lab that it poses a serious risk of a successful hacking attack.  The BSI agency said that the Russia-based cyber-security company could be coerced by Russian government agents to hack IT systems abroad or agents could clandestinely use its technology to launch cyberattacks without its knowledge. Kaspersky said in a statement it was a privately-managed company with no ties to the Russian government. It said that the warning by BSI was politically motivated, adding it was in contact with the BSI to clarify the matter.

ANALYST NOTES

Although it has not been confirmed that Kaspersky AV software can be used by the Russian government to launch cyberattacks, the company historically has some connection to Russian government due to the founder’s past as a KGB officer. In 2017, the United States passed a law that banned any US government agencies from using Kaspersky software, based on claims that Kaspersky maintained ties with the Russian government. Whether Kaspersky wishes to cooperate with the Russian government or not, history and recent events have shown that the Russian government is willing and able to pressure private companies into compliance with the goals of the government. AV software requires deep access to the computer it runs on, including all files on the system, or it cannot be effective. Kaspersky AV, like most other AV software, has the ability to take copies of files that it deems suspicious on any computer it is running on and upload full copies of those files to be inspected by Kaspersky employees. It was this feature that was alleged responsible for leaking some hacking tools that Kaspersky claimed to be used by NSA from the computer of an NSA contractor in 2017, a claim which is not denied by Kaspersky Labs. It is better to be safe than sorry, so if one is using Kaspersky as an AV product, perhaps now is the time to switch to something else.

https://www.reuters.com/technology/germany-issues-hacking-warning-users-russian-anti-virus-software-kaspersky-2022-03-15/

Historical references:
https://www.reuters.com/article/us-usa-cyber-kaspersky-idUSKBN1E62V4

https://www.theguardian.com/technology/2017/oct/26/kaspersky-russia-nsa-contractor-leaked-us-hacking-tools-by-mistake-pirating-microsoft-office