Founder and CEO Yevgeny Kaspersky is not only a legend in the fight against computer viruses, he also studied computer engineering at a KGB university and worked at a military research institute. This makes him suspicious in the eyes of his critics.
(Photo: Dmitry Astakhov /imago images/ITAR-TASS)
The warning issued by the Federal Office for Information Security (BSI) published on Tuesday, is marked with the risk level “high”. It speaks of the danger of an “IT attack with far-reaching consequences” on the EU, NATO and the Federal Republic. And of a possible central role that the antivirus software from the Russian manufacturer Kaspersky could play.
The Moscow-based IT professionals are among the world’s leading experts in the fight against malware and cyber attacks of all kinds. According to their own statements, they protect the systems of more than 400 million users and 240,000 companies worldwide. In order to monitor the systems, they have almost as much access to them, at least potentially, as a classic security service has to the buildings it is supposed to protect. Because antivirus programs require extensive permissions for the systems on which they are installed. They also maintain permanent, encrypted connections to their manufacturer’s servers. The data flowing over these connections cannot be seen from the outside. The BSI obviously considers the risk that a master key in Moscow could be misused to be too high.
According to the BSI, Kaspersky could become a tool without wanting to
When asked, Kaspersky writes that it is “a privately held global cybersecurity company”, so it has “no ties to the Russian or any other government”. It has “set standards for digital trust and transparency” in the industry. It believe in the power of peaceful dialogue. “War is good for nobody.”
What Kaspersky intends to do does not seem to play a major role for the BSI. The warning states: “A Russian IT manufacturer can conduct offensive operations itself, be forced to attack target systems against its own will, or be spied on without its knowledge as a victim of a cyber operation, or be used as a tool for attacks against its own customers will.” In plain language: Kaspersky does not necessarily have to be hostile to the West. As a Russian company, it may have no choice but to cooperate with the government and security agencies. And could be hacked itself.
The background to this warning also includes the fact that rumors have been circulating that Kaspersky is secretly operating as an extension of the Kremlin. A prominent representative of the Russian tech scene told the magazine in 2012 Wired, a “substantial part of the company” is closely linked to the domestic secret service FSB, the successor organization to the KGB. The number one rule for successful Russian companies is a good connection to the power apparatus. Founder and CEO Yevgeny Kaspersky studied at a KGB college and worked at a military research institute. The company writes on its website today that it is working with “authorities worldwide” in the fight against cybercrime. One of the authorities responsible for this in Russia is the FSB.
The US government has been warning of Kaspersky for years
In 2017, the US government banned its agencies from using Kaspersky software due to security concerns. The following year, the Dutch government followed suit. Kaspersky launched a “global transparency initiative”, moved a node of its data processing from Russia to Switzerland and granted insights into its source codes. British foreign intelligence investigated Kaspersky and found no evidence that its software was being used for espionage, but issued a warning to authorities nonetheless.
The federal government, on the other hand, has so far relied on the “no-spy clause” introduced in 2015. With the foreign companies assure that they are not legally obliged to pass on confidential information to intelligence services. When the US authorities said goodbye to Kaspersky, the BSI praised the “trustful cooperation” with the Russians. The company’s software is currently in use in municipal administration and at state level, as well as in research institutions, the BSI reports.
“The actions of military and/or intelligence forces in Russia,” the warning says, have now apparently led to a rethink on the part of the cyber security guards. The Russian virus protection software should be replaced by alternative products, but a hasty change or shutdown is not appropriate. Otherwise the systems may suddenly be exposed to attacks from the Internet without any protection. A virus protection from Russia would therefore still be better than none at all.