EU Joins Other Governments Claiming Kaspersky Software as Malicious

Kaspersky HQ

TechViews News   …..

Fresh political woes for Russian security firm Kaspersky, which has reacted angrily to a vote in the European Union Parliament last week to ban its software — on the grounds that it has been “confirmed as malicious“.

The security firm has been battling controversy for around a year now, after the US government became suspicious of ties between the company and Russian intelligence agencies — and went on to ban its products for government use in September last year.

On Sept. 19, 2017 The US Federal Register published a notice, which required all federal government agencies to develop and begin implementing a plan to expunge all “information security products, solutions and services supplied directly or indirectly” by Kaspersky Lab or related entities from federal government systems.

This came after security researchers discovered a hole in Kaspersky products that led back to Russian intelligence groups. This would allow users of Kaspersky software products to have a back door which could be opened by Russian intelligence operatives directly into the end user. This vulnerability affected individual consumers as well as government and corporate entities that use Kaspersky software.

When announcing the directive that bans Kaspersky software from federal systems, officials voiced concerns that, “Russian law allows intelligence agencies to compel the company to assist it and that Russian intelligence agencies might eavesdrop or intercept information collected by the company.”

In December, the Trump administration went even further, ordering a full ban on the company’s products from government networks by this coming October, 2018.

European Rhetoric Heats Up

The anti-Kaspersky rhetoric continues to heat up in Europe, with the European Parliament passing a motion branding the Moscow-based anti-virus firm’s software as being “confirmed as malicious.”

In response, Russia-based Kaspersky Lab says it’s halted all work with European institutions, including Europol – the EU’s law enforcement intelligence agency – until it receives clarification from the European Parliament. The company says it’s also paused its work with the ‘No More Ransom’ project, which provides free decryption tools to ransomware victims.

On Wednesday, 6-13-18, members of the European Parliament voted 476 to 151 to approve a nonbinding cyber defense motion that seeks to improve Europe’s ability to defend itself against online attacks.

The motion also singles out Kaspersky Lab. An amendment reportedly added by Polish Member of the European Parliament (MEP) Anna Elzbieta Fotyga that “calls on the EU to perform a comprehensive review of software, IT and communications equipment and infrastructure used in the institutions in order to exclude potentially dangerous programs and devices, and to ban the ones that have been confirmed as malicious, such as Kaspersky Lab.”

Transparency Center: Switzerland

The European Parliament motion comes despite Kaspersky Lab having said that it “has no ties to any government, and the company has never helped, nor will help, any government in the world with its cyber espionage efforts.”

In a bid to combat allegations that Kaspersky Lab may have been suborned by the Russian government, the firm on May 15 announced that by the end of this year, it will be moving many of its operations to Zurich, where it would open its first “transparency center.” The company also said its “coding group activities – which works on the compilation and creation of Kaspersky Lab products and threat detection rule updates” would occur in Zurich.

In addition, all information processing for users in Europe, North America, Australia, Japan, South Korea and Singapore – “with more countries to follow” will only occur in Zurich, and be independently audited and reviewed.

Kaspersky Lab said that by 2020, it plans to open further transparency centers in North America and Asia.

Allegations, But Limited Evidence

Despite the firm’s transparency push, however, multiple governments have signaled their unease with using the firm’s products, at least for sensitive operations. Some of those misgivings may be in response to the New York Times last year reporting that Israeli spies had hacked into Kaspersky Lab’s network and discovered that the Russian government was using the company’s widely installed anti-virus software to attempt to spy on U.S. intelligence agencies.

No programming code has been produced publicly to support those assertions, but then intelligence agencies don’t typically publicly release their findings, and governments typically refrain from doing so except for diplomatic purposes or if there’s a risk that poses a clear and present danger.

Dutch Government Orders Phase-Out

On May 14, Dutch Justice Minister Ferdinand Grapperhaus wrote to the lower house of the Dutch parliament, saying that the government would be phasing out the use of Kaspersky Lab anti-virus software as a “precautionary measure” because of the risk it might pose.

Because anti-virus software hooks into the inner workings of operating systems, “there is a risk of digital espionage and sabotage at the central government and Dutch infrastructure,” Grapperhaus wrote.

“The [Dutch] cabinet has carried out an independent review and analysis and made a careful decision on that basis,” Grapperhaus said. “Although there are no current cases of misuse known in the Netherlands, we cannot wait until after it happens to act.”

NCSC Guidance

Last December, the U.K.’s National Cyber Security Center, which advises organizations on cybersecurity matters and is part of intelligence agency GCHQ, said that no official-tier organizations or anyone who handles information classified as “secret” or higher – in short, anyone in the national security space – should use software built in Russia.

Politics vs. Technology

Jaya Baloo, CISO for KPN, a Dutch telecommunications company, says that KPN carefully evaluates all software that it uses – including penetration tests and source code verification – to ensure that it’s behaving as advertised, but says the rhetoric around Kaspersky Lab has mostly been verified, and as such, will be acted upon.

But Baloo also states that while evidence exists that Kaspersky products have been used in subversive manners by Russian intelligence, that most of the chatter has come from politicians and not technical researchers. “What I feel is, of course we can figure this out technically, but it’s not just a technical issue; it’s a political issue.”

While Kaspersky denies everything, researchers globally are beginning to collaborate in trying to understand how much of a threat the Kaspersky security products actually pose.

Be Safe – Backup Your Data Regularly!


And don’t forget to take advantage of our FREE subscription to the TechViews News Updates. You will receive all of our updates and posts the moment they are published.