Scary Kaspersky Stories – Ghost in the Machine

Happy Halloween!  Nothing like a scary story to end the holiday.  The scary story in cybersecurity is that Kaspersky anti-malware and security products are in league with the Putin government and the FSB in Russia.  The FBI is advising government agencies to drop Kaspersky and find a new endpoint security solution.

Kaspersky Lab is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia and operated through a holding company in the United Kingdom. Kaspersky was founded in 1997 by Eugene Kaspersky, who is the CEO. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services. (Wikipedia)

Kaspersky expanded internationally from 2005–2010 and grew to more than $700 million in annual revenues by 2014. As of 2016, the software has about 400 million users and has the largest market-share of cybersecurity software vendors in Europe.  Kaspersky Lab ranks fourth in the global ranking of antivirus vendors by revenue. (Wikipedia)  Keep these numbers in mind as we delve into this issue.

In addition to the FBI advisory, there have been other articles about Kaspersky hacks.  From the BBC World News, we hear how Israeli spies looked on as Russian hackers breached Kaspersky cyber-security software two years ago.  And a new article on Bruce Schneier’s Crypto-Gram blog titled “Yet Another Russian Hack of the NSA — This Time with Kaspersky’s Help” tells how the NSA was breached through Kaspersky products.

This has always been an issue with me regarding Kaspersky.  Any product that can be fundamentally changed through the update process can become a weapon or exploit without warning.  There are inherent security issues using a product manufactured in a country that is not necessarily an ally.  To be fair, I am also concerned that all the motherboards and chips that go into the routers that run the internet are manufactured and assembled in China.  What if they are secretly including hard-coded back doors into these devices?

Why such a ruckus about Kaspersky now?  The fact that Kaspersky is a huge source of hard currency revenues for Russia (in excess of $700 million annually) may be the main reason.  Historically, when the US and the West want to put the screws to Russia, it has been through the application of economic rather than military pressure.  Just saying, there may be some subtext here that is not being reported.  How much do we trust our own government to be truthful with us?

So there is a possibility that Eugene Kaspersky’s protestations of innocence are genuine.  Nevertheless, I have never advised a client to use Kaspersky products, and the new stories just provide clarity as to the reasons why.  Even if these stories are complete government fabrications, which they probably are not, they are plausible, and if not actually happening now, could happen in the future.

Stay tuned, this is bound to be messier than it is already.  And if you are running Kaspersky, uninstall it and use something else, like the free Windows Defender that comes bundled with Windows 10.



About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.
