Happy Halloween! Nothing like a scary story to end the holiday. The scary story in cybersecurity is that Kaspersky anti-malware and security products are in league with the Putin government and the FSB in Russia. The FBI is advising government agencies to drop Kaspersky and find a new endpoint security solution.
Kaspersky Lab is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia and operated through a holding company in the United Kingdom. Kaspersky was founded in 1997 by Eugene Kaspersky, who is the CEO. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services. (Wikipedia)
Kaspersky expanded internationally from 2005–2010 and grew to more than $700 million in annual revenues by 2014. As of 2016, the software has about 400 million users and has the largest market share of cybersecurity software vendors in Europe. Kaspersky Lab ranks fourth in the global ranking of antivirus vendors by revenue. (Wikipedia) Keep these numbers in mind as we delve into this issue.
In addition to the FBI advisory, there have been other articles about Kaspersky hacks. From the BBC World News, we hear how Israeli spies looked on as Russian hackers breached Kaspersky cyber-security software two years ago. And a new article on Bruce Schneier’s Crypto-Gram blog titled “Yet Another Russian Hack of the NSA — This Time with Kaspersky’s Help” tells how the NSA was breached through Kaspersky products.
This has always been an issue with me regarding Kaspersky. Any product that can be fundamentally changed through the update process can become a weapon or exploit without warning. There are inherent security issues using a product manufactured in a country that is not necessarily an ally. To be fair, I am also concerned that all the motherboards and chips that go into the routers that run the internet are manufactured and assembled in China. What if they are secretly including hard-coded back doors into these devices?
Why such a ruckus about Kaspersky now? The fact that Kaspersky is a huge source of hard currency revenues for Russia (in excess of $700 million annually) may be the main reason. Historically, when the US and the West want to put the screws to Russia, it has been through the application of economic rather than military pressure. Just saying, there may be some subtext here that is not being reported. How much do we trust our own government to be truthful with us?
So there is a possibility that Eugene Kaspersky’s protestations of innocence are genuine. Nevertheless, I have never advised a client to use Kaspersky products, and the new stories just provide clarity as to the reasons why. Even if these stories are complete government fabrications, which they probably are not, they are plausible, and if not actually happening now, could happen in the future.
Stay tuned, this is bound to be messier than it is already. And if you are running Kaspersky, uninstall it and use something else, like the free Windows Defender that comes bundled with Windows 10.