Germany’s information security officials warned that Russian security firm Kaspersky’s antivirus tools could be used to spy on users around the world. The German Federal Office for Information Security (BSI) recently issued a warning stating that Kaspersky antivirus software could be misused to launch cyberattacks or eavesdrop on and spy during Russia’s invasion of Ukraine.
While BSI did not explicitly request that the company and product be banned, it recommended that companies replace their cybersecurity solutions with those created by non-Russian vendors. While the BSI statement states, “A Russian IT manufacturer may perform offensive operations itself, be forced to attack target systems against its will, or spy on it unknowingly as a victim of a cyber operation, or be misused as a tool for attacks against its own customers,” while rooting is required for antivirus tools to work. and it is also reminded that the manufacturer must have a constant connection with its servers.
BSI concludes, “Companies and authorities with private security interests and critical infrastructure operators are particularly at risk.”
Italy’s Computer Security Incident Response Team (CSIRT) moved in a similar direction, recommending Italian firms to assess the potential risks of using Russian-made cybersecurity solutions.
Kaspersky harshly criticized the warnings, calling them political rather than technical. “We will continue to reassure our partners and customers of the quality and integrity of our products, and will work with BSI to clarify its decision and find ways to address its and other regulators’ concerns,” said Kaspersky spokesperson Francesco Tius.
The statement continues: “Kaspersky is a private global cybersecurity company and as a private company it has no ties to Russia or any other government.”
Despite assurances, some companies have already cut ties with Kaspersky. German football club Eintracht Frankfurt FC has terminated the sponsorship agreement that has been in effect since 2018.
A club spokesperson said, “We have always made it clear that we base our continued partnership with Kaspersky on facts and attitudes, not nationalities. At the BSI’s warning, the facts and therefore confidence in the safeguardability of Kaspersky’s products and services have changed significantly,” added: “We notified Kaspersky management that we immediately terminated the sponsorship agreement. Looking back, we see that we have a very reliable and successful partnership with Kaspersky, and we have had good cooperation with the relevant people over the past four years. We are very sorry for the developments.”