British cybersecurity experts have warned U.K. government agencies not to use antivirus software produced by the Russian firm Kaspersky Lab.
The head of the National Cyber Security Center, Ciaran Martin, said in a letter dated December 1 that "Russia is acting against the U.K.'s national interest in cyberspace."
He cautioned that "
a Russia-based provider should never be used" for the security of vital systems.
The statement stopped short of urging the public to stop using Kaspersky products.
In September, the U.S. government barred agencies from using Kaspersky products after expressing concern that the company could have links to the Russian government or Russian spy agencies.
In October, media reports linked a theft of information from the U.S. National Security Agency (NSA) to Kaspersky software.Kaspersky has denied any wrongdoing and has said it has no secret collaboration with Russian security agencies.
Comment: Fake news. What
happened was:
According to US media reports in October 2017, an employee from the National Security Agency (NSA) elite hacking unit lost some of the agency's espionage tools after storing them on his home computer in 2015. The media jumped to blame Kaspersky Lab and the Kremlin.
Following the reports, the company conducted an internal investigation and stumbled upon an incident dating back to 2014. At the time, Kaspersky Lab was investigating the activities of the Equation Group - a powerful group of hackers that later was identified as an arm of the NSA.
As part of Kaspersky's investigation, it analyzed information received from a computer of an unidentified user, who is alleged to be the security service employee in question. It turned out that the user installed pirated software containing Equation malware, then "scanned the computer multiple times," which resulted in antivirus software detecting suspicious files, including a 7z archive.
"The archive itself was detected as malicious and submitted to Kaspersky Lab for analysis, where it was processed by one of the analysts. Upon processing, the archive was found to contain multiple malware samples and source code for what appeared to be Equation malware," the company's October statement explained.
The analyst then reported the matter directly to Eugene Kaspersky, who ordered the company's copy of the code to be destroyed.
On Thursday, Kaspersky Lab issued another statement concerning this incident following a more extensive investigation. The results of the investigation showed that the computer in question was infected with several types of malware in addition to the one created by Equation. Some of this malware provided access to the data on this computer to an "unknown number of third parties."
So he installed the pirated software, which contained the malware and after scanning the files, that information was sent to Kaspersky for analysis. Isn't that what's supposed to happen when you scan for viruses and one is detected? Somehow they equate that to "theft of information" which isn't the case here since he initiated the scans and being part of an "elite hacking unit" should well know how that all works. Sounds more like the work of a sloppy employee.
Besides the "it's Russian" nonsense, the real reason they won't want you using it is that they then
can't hack you or at least have a hard time with it:
There is fear mongering, without any evidence, that Kaspersky may cooperate with the Russian government. Similar accusations could be made about any anti-virus product. U.S. and British spies systematically target all anti-virus products and companies:
The British spy agency regarded the Kaspersky software in particular as a hindrance to its hacking operations and sought a way to neutralize it.
...
An NSA slide describing "Project CAMBERDADA" lists at least 23 antivirus and security firms that were in that spy agency's sights. They include the Finnish antivirus firm F-Secure, the Slovakian firm Eset, Avast software from the Czech Republic, and Bit-Defender from Romania. Notably missing from the list are the American anti-virus firms Symantec and McAfee as well as the UK-based firm Sophos.
That the NSA and the British GCHQ did not list U.S. and British made anti-virus products on their "to do" list lets one assume that these packages can already be controlled by them.
Comment: Fake news. What happened was: So he installed the pirated software, which contained the malware and after scanning the files, that information was sent to Kaspersky for analysis. Isn't that what's supposed to happen when you scan for viruses and one is detected? Somehow they equate that to "theft of information" which isn't the case here since he initiated the scans and being part of an "elite hacking unit" should well know how that all works. Sounds more like the work of a sloppy employee.
Besides the "it's Russian" nonsense, the real reason they won't want you using it is that they then can't hack you or at least have a hard time with it: