Enlarge image
Kaspersky booth in Barcelona
Photo: ALBERT GEA / REUTERS
The Federal Office for Information Security (BSI) now warns against the use of Kaspersky virus protection products and recommends "replacing them with alternative products".
The agency announced this on Tuesday.
The BSI did not raise any concrete allegations against Kaspersky products, for example based on its own investigations.
The warning should ultimately also be of a political nature.
After the start of the Russian invasion of Ukraine, politicians in the traffic light coalition called for a reassessment of the use of Kaspersky products.
The BSI has now written that antivirus software "must for systemic reasons (at least for updates) maintain a permanent, encrypted and non-verifiable connection to the manufacturer's servers." This connection, which is not only important for updates but also for the functioning of the antivirus software, the BSI now apparently rates it as a potential risk.
It is crucial that one can trust the reliability and the "self-protection of a manufacturer".
In other words: it is obviously a conceivable scenario for the BSI that Kaspersky itself is attacked and then its customers are also attacked.
The key sentence in the BSI statement is: "A Russian IT manufacturer can carry out offensive operations itself, be forced to attack target systems against its will, or be spied on as a victim of a cyber operation without its knowledge, or use it as a tool for attacks against his own customers being abused.«
BSI recommends: Don't switch off without a plan
According to the BSI, the risk of such attacks is “considerable”, as the authority points out with reference to “the actions of military and/or intelligence forces in Russia and the threats made by the Russian side in the course of the current armed conflict against the EU, NATO and the Federal Republic of Germany« announced.
Operators of critical infrastructure are particularly at risk and can now seek advice from the BSI or the Office for the Protection of the Constitution.
However, the notification also states: "All users of the virus protection software can be affected by such operations".
However, the switch to competing products should be carried out as planned as possible, because "if IT security products and in particular virus protection software were switched off without preparation, one might be exposed to attacks from the Internet without protection".
Kaspersky said in a first reaction that it is "a privately held global cybersecurity company, and as a private company Kaspersky has no ties to the Russian or any other government".
One is "of the opinion that this decision is not based on the technical evaluation of Kaspersky products (...) but rather was made for political reasons".
Without mentioning Russia, the statement also says: "We believe that peaceful dialogue is the only possible instrument for resolving conflicts.
War is good for nobody«.
Excluded from authorities in the USA for a long time
Such allegations against Kaspersky are not entirely new.
In 2017, the US government excluded the company from contracts with US authorities.
Company founder Eugene Kaspersky told SPIEGEL at the time: »That was also purely politically motivated.
I think the rule of thumb should be that unless you see technical documentation to back up such claims, they should be considered untrue.”
In October 2017, Kaspersky announced a transparency offensive "to prove to skeptics that we have absolutely nothing to hide and that we can be trusted as a security company".
Data processing for customers in several countries was relocated to Switzerland, and various "transparency centers" were opened in which authorized partners can view source codes from Kaspersky, among other things.
In 2018, the BSI declared: "The BSI still has no findings that prove the manipulation of Kaspersky software."
In 2019, Kaspersky became an official partner of the Alliance for Cyber Security (ACS) in Germany.
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/H6SX4JB4HJIOMBO3FUP6IGGLUI.jpg)
