Fresh Off The Block


Dec
02
2017

UK joins US in warning about #Kaspersky Antivirus and Russian software

Britain’s main cyber security agency on Friday warned British government agencies to avoid using anti-virus software from Russian companies, the latest in a series of moves targeting Moscow-based security software maker Kaspersky Lab.

The product box for Kaspersky Anti-Virus, as seen on Kaspersky's website.

Box image courtesy Kaspersky’s web site.

Who are Kaspersky?

Kaspersky Labs is a multinational corporation that provides cybersecurity services worldwide. The company does a lot of work in identifying threats to computers, the internet and governments that could damage computers or lead to information getting out that shouldn't be made public; and helps to find solutions. As well as internet security, password management and many other security tools, one of the products Kaspersky is most well-known for developing and selling is its own Antivirus product, Kaspersky Anti-Virus (and also Kaspersky Internet Security), which is used by governments and individuals alike to help protect computers from being compromised or damaged by malicious attacks.

Kaspersky Labs is headquartered in Moscow, Russia – a country known to have strict laws over control of data in and out of its borders. Russia lately has been in a lot of hot water with the United States over longstanding allegations that the country attempted to rig the 2016 Presidential Election and has too close ties to current president Donald Trump; and may be secretly attempting to influence America.

What's going on?

The United States have expressed concerns that Kaspersky have "close ties to intelligence agencies in Moscow and that its software could be used to enable Russian spying". In response, Kaspersky has offered to share source code showing how parts of their software works, in order to supposedly prove that Kaspersky does not hand any data over to Russia. This hasn't alleviated the US Government's concerns, however, and Kaspersky’s anti-virus software was banned from US government networks earlier this year.

Now, the UK has decided to follow suit.

In the United Kingdom, the government organisation responsible for computer security is the UK National Cyber Security Centre. On Friday, its director, Ciaran Martin, penned a letter to departmental permanent secretaries asking them to stop using Kaspersky software, saying that Russian-made software should "not be used in systems containing information that would harm national security if it was accessed by the Russian government."

The wording of the letter makes clear that the UK agrees with the US that there are significant concerns that Kaspersky software could be leaking data to Russian governments that would be dangerous if it got out. Martin added that his agency is "in talks with Kaspersky Lab to develop a system for reviewing its products for use in Britain."

”We are in discussions with Kaspersky Lab … about whether we can develop a framework that we and others can independently verify,” Martin said in the letter, which was publicly released.

What is Kaspersky's reaction?

Kaspersky Labs allege their organisation has become a scapegoat in the midst of the rising tensions between America and Russia; and say that it looked forward to working with the NCSC on the issue in a statement released following the NCSC announcement.

Should I be worried?

At this point in time, there is no real proof that Kaspersky DOES send data that passes through its systems on to the Russian government; or what that data entails. However, the fact the company does dealings with government, corporate and military organisations worldwide, and is itself based in Moscow, makes the possibility impossible to ignore.

The NCSC's statement only refers to matters of "national security", saying that Kaspersky software should only be avoided if the possibility of Russians getting ahold of it "poses a significant risk". For most at-home users, therefore, there is nothing to worry about. However, if you are a user of Kaspersky Antivirus, Internet Security or any of their other products; and you find the revelations discomforting or are concerned for your privacy, it may well be worth looking into alternative products just for your own peace of mind.

What Our Visitors are Talking About


Latest CommentsOn Twitter Right Now
  • “Unlock” Dialogue for Clone System tool in Aomei Backupper 2.5 by William Sims
  • Microsoft gets 561 million euro fine for missing browser ballot “oversight” by Gamer Repulic's Dorthea
  • Microsoft gets 561 million euro fine for missing browser ballot “oversight” by Sherman Moya
  • Microsoft gets 561 million euro fine for missing browser ballot “oversight” by Microsoft gets 561 million euro fine for missing browser ballot “oversight” | The Sanitarium.FM
  • Valve’s Steam Gaming Computer: What we know so far by Valve's Steam Gaming Computer: What we know so far | The Sanitarium.FM
  • Tweet to @TMWeb to have your comments appear here!

    Previous Articles


    Jan
    09
    2011

    US wants Twitter data of “Wikileaks activists”

    Ever since Wikileaks caused drama by leaking United States diplomatic cables – something I’m sure most people have heard about by now, and if not just look it up on the net – the US government has started an investigation to try to bring Wikileaks “to justice”. I put “to justice” in quotes not because I am taking the side of Wikileaks (I am neither pro or anti Wikileaks), but rather because not everyone agrees on this matter.

    Anyway, apparently as part of this investigation, the US Attorney’s office has convinced a District Court judge data held by Twitter is “relevant and material to [the] ongoing criminal investigation”; as a result, Twitter was earlier in the year served a subpoena, and now is forced to give over data related to various Twitter accounts believed to be related to either Julian Assange (the founder of Wikileaks) or Wikileaks itself – including Julian Assange’s own Twitter, plus those of Birgitta Jonsdottir, an Icelandic MP; and Bradley E. Manning, a militant supposedly responsible for the leaking of some of the cables; among others.

    The reason we are aware of this subpoena is because Twitter was recently able to overturn a gagging order originally served with it. A gagging order prevents a person from revealing information under penalty of law. After getting the gag, Twitter fought back and successfully got the gagging order lifted; so Twitter is now legally allowed to let the public – and the respective account holders – know about the US Attorney’s Office’s demand to hand over data.

    According to the BBC, the data demanded from Twitter by the US Attorney’s office includes “mailing addresses and billing information, connection records and session times, IP addresses used to access Twitter, email accounts, as well as the ‘means and source of payment'”.

    It will be interesting to see how this all plays out. Feel free to discuss in the comments below (consider this an open politics discussion thread), but keep it civil.

    [Many thanks to BBC News for breaking this news!]

    Digiprove sealThis informative article has been Digiproved © 2011