Popular anti-virus software used by hundreds of thousands of people and businesses in Britain was reportedly hijacked by Russian government hackers to trawl for American secrets. <…>
Computer users must give their anti-virus software widespread access to files so they can be scoured for viruses. But such access potentially makes the software a perfect “backdoor” for hackers, according to computer experts.
Kaspersky Lab has repeatedly denied accusations it is complicit in Russian state cyber operations. Technical experts said hackers may have gained access to its software without the firm knowing.
US government bans Kaspersky Labs software from federal computers amid concerns over Kremlin ties
The US government has banned the use of Kaspersky Lab security software within federal agencies, following concern that the company has ties to state-sponsored cyberespionage activities.
Elaine Duke, the acting homeland security secretary, gave the agencies three months to remove the software. Around six federal agencies are believed to use the software; the ruling does not apply to the military, but they are not thought to be Kaspersky Labs clients.
“The department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” the department said in a statement.
The Company Securing Your Internet Has Close Ties to Russian Spies
Founder and Chief Executive Officer Eugene Kaspersky was educated at a KGB-sponsored cryptography institute, then worked for Russian military intelligence, and in 2007, one of the company’s Japanese ad campaigns used the slogan “A Specialist in Cryptography from KGB.” <…>
In 2012, however, Kaspersky Lab abruptly changed course. Since then, high-level managers have left or been fired, their jobs often filled by people with closer ties to Russia’s military or intelligence services. Some of these people actively aid criminal investigations by the FSB, the KGB’s successor, using data from some of the 400 million customers who rely on Kaspersky Lab’s software, say six current and former employees who declined to discuss the matter publicly because they feared reprisals. This closeness starts at the top: Unless Kaspersky is traveling, he rarely misses a weekly banya(sauna) night with a group of about 5 to 10 that usually includes Russian intelligence officials. Kaspersky says in an interview that the group saunas are purely social: “When I go to banya, they’re friends.”
The British government has issued a fresh warning about the security risks of using Russian anti-virus software.
For it to work, anti-virus software like that sold by Kaspersky Labs requires extensive access to files on computers and networks to scan for malicious code.
It also requires the ability to communicate back to the company in order to receive updates and share data on what it finds.
However, the concern is that this could be used by the Russian state for espionage.
Officials say the National Cyber Security Centre (NCSC)’s decision is based on a risk analysis, rather than evidence that such espionage has already taken place.
In the new government guidance, Ian Levy, NCSC’s technical director, said: ”Given we assess the Russians do cyber-attacks against the UK for reasons of state, we believe some UK government and critical national systems are at increased risk.”